On 01/22/2015 10:43 PM, Raahul Kumar wrote:
bit-identical builds. How far are we from that point? Is it the
timestamps that most build tools add to their build that prevents it?
What's the blocker?
We still don't even have fully reproducible stdenv, not even with all of
nixos@home would be impossible to secure until derivations are bit-for-bit
identical on multiple builds. Then you could do something like, have 1000
builders, and if 501 builders get the same output hash for a derivation, it
gets accepted on the public ledger of input/output hashes. Grow the
On Thu, Jan 22, 2015 at 8:52 PM, Vladimír Čunát vcu...@gmail.com wrote:
(They can distribute the content signed by
trusted people, but distribution isn't much of a problem in our case, IMHO.)
Data dissemination over a point-to-point network is a costly affair.
It's a problem.
Why pay amazon
This thing is about trust, and personally I'd prefer signing the
derivation-output hash pairs and having some web-of-trust-like
solution. (Although some build redundancy is certainly good, for
multiple reasons.)
The problem with seti@home -like solutions is that verifying correctness
is
bit-identical builds. How far are we from that point? Is it the timestamps
that most build tools add to their build that prevents it?
What's the blocker?
Aloha,
RK.
On Thu, Jan 22, 2015 at 10:29 PM, Wout Mertens wout.mert...@gmail.com
wrote:
nixos@home would be impossible to secure until
On Thu, Jan 22, 2015 at 1:52 PM, Vladimír Čunát vcu...@gmail.com wrote:
This thing is about trust, and personally I'd prefer signing the
derivation-output hash pairs and having some web-of-trust-like solution.
(Although some build redundancy is certainly good, for multiple reasons.)
On 01/22/2015 04:12 PM, Alexander Kjeldaas wrote:
Therefore, the untrusted computers bring very little added value.
I don't understand how this follow from the previous point. [...]
From a kind-of paranoid point of view, if I don't trust a computer at
all, it shouldn't be able to
Dear all,
A recent thread regarding contributors brought up a point about
throwing a stack of money at further devlopment and refinement of
Hydra.
Wouldn't it be nice to:
- be able to do as they do in the OpenBSD world by living on master.
When things break the fix comes in quick. No hanging
On 01/21/2015 10:32 PM, Wout Mertens wrote:
Not sure if throwing money at the Hydra codebase will speed up compiles
(apart from setting it up to use ccache).
I understood that rather as having more build power at Hydra.nixos.org
smime.p7s
Description: S/MIME Cryptographic Signature
On Wed, Jan 21, 2015 at 10:34 PM, Vladimír Čunát vcu...@gmail.com wrote:
On 01/21/2015 10:32 PM, Wout Mertens wrote:
Not sure if throwing money at the Hydra codebase will speed up compiles
(apart from setting it up to use ccache).
I understood that rather as having more build power at
Vladimír Čunát vcu...@gmail.com writes:
On 01/21/2015 10:32 PM, Wout Mertens wrote:
Not sure if throwing money at the Hydra codebase will speed up compiles
(apart from setting it up to use ccache).
I understood that rather as having more build power at Hydra.nixos.org
The other suggestion
On 21 January 2015 at 14:10, Moritz Ulrich mor...@tarn-vedra.de wrote:
Vladimír Čunát vcu...@gmail.com writes:
On 01/21/2015 10:32 PM, Wout Mertens wrote:
Not sure if throwing money at the Hydra codebase will speed up compiles
(apart from setting it up to use ccache).
I understood that
I also refer to the use of Content Centric Networking (CCN) or Named
Data Networking (NDN) to disseminate binaries.
Please note, CCN builds security into the TCP/IP overlay protocol.
So a binary is automatically signed by a trusted NixOS maintainer
whom is also running a private hydra node.
Ah, if the set of trusted people is a relatively small group of people
someone like Eelco has met in person, then I'm much happier. When I
first saw the suggestion, I was imagining some sort of seti@home kind
of thing.
Thanks,
James
On 21 January 2015 at 18:30, stewart mackenzie
Forgive me, this is my fault for not being clear enough.
Yes I too would feel uncomfortable about a nixos@home setup unless of
course it includes some kind of blockchain. Even then it would be too
expensive to run.
___
nix-dev mailing list
Sure, but who or what gets the money? Will it fund more build systems or
will the money go to a recreation of Hydra in a more popular language? Not
sure if throwing money at the Hydra codebase will speed up compiles (apart
from setting it up to use ccache).
On Wed Jan 21 2015 at 4:57:15 PM
16 matches
Mail list logo
