On 06/05/2015 10:59 AM, Hannes Mehnert wrote:

> Hi all,
>
> After a couple months of research and discussions between Louis
> Gesbert and myself, the proposal for a secured OPAM repository
> (featuring both end-to-end signing, and repository signing), is ready
> for a wider review.

Wow! This is really nice work.

I have a few questions:

1. In your linearity invariants, you say that no key may be removed (1) which seems sensible even if inviting a lot of cruft eventually. Then, you say that keys can only be modified with a signature (5) and, as a special exception, removal of a developer key (exception 2) is allowed. What happens when these events occur? Do things get re-signed? Do clients have to traverse the repo history to extract old keys to verify signatures?

2. Are the default opam root keys compiled into the binary or on-disk? I interpreted it both ways from a couple of mentions throughout the doc.

3. How will the uniqueness and time-limitedness of the initial-bootstrap key be enforced?

4. Where are RM keys stored in the repo? In keys/dev? keys/root seems to contain a list of the keyid/algo/key triples for RMs but there is a keyid uniqueness condition...? Could you clarify the distinction between a keyid and an author id (user@host)?

5. Can the dev (and RM) identities be designed for extensibility? It reads like the key files will just contain a list of key triples right now. Could these files contain a single field, e.g. "keys", so that others could be added later? Specifically, I would like to attest to my GitHub user id so the signatures in the repo can be used by bots to authorize simple actions performed by my GitHub user (e.g. rebuild this PR).

Overall, it looks very well thought out! Thanks for putting in so much effort to get us this far. I'm very optimistic about this system, now.

David

> The result has just been posted at
> https://opam.ocaml.org/blog/Signing-the-opam-repository/
>
> This thread is intended as the official channel for comments and
> discussion on the proposal above.
>
> Thanks!
>
> Louis Gesbert and Hannes Mehnert
_______________________________________________
Platform mailing list
[email protected]
http://lists.ocaml.org/listinfo/platform