Vagrant Cascadian skribis:
> We've already got the keyring branch in guix.git, maybe adding an
> upstream-keys branch wouldn't be madness? Or a separate git
> repository. And then you could get it archived at software heritage or
> archive.org or whatever trivially.
Yes, that sounds reasonable t
Maxime Devos skribis:
> Ludovic Courtès schreef op ma 30-05-2022 om 17:34 [+0200]:
[...]
>> We could also have our own key server. Just like ‘guix lint -c
>> archival’ triggers SWH archival, we could have a tool that triggers
>> key download on the server so that crypto material never vanishes
Hi,
On mar., 31 mai 2022 at 08:09, Vagrant Cascadian wrote:
> Or keep some keyrings in a git repo, if we want to keep the keys
> somewhat restricted to committers... a major problem of the public
> keyserver network is/was the ability for anyone to update or add any key
> for anybody.
>
> We've
On 2022-05-30, Ludovic Courtès wrote:
> Maxime Devos skribis:
>
>> Ludovic Courtès schreef op ma 18-04-2022 om 22:24 [+0200]:
>>> [... guix refresh -u stuff failing due to not finding the key ...]
>>> I’m not sure what a good solution is (other than looking for the key
>>> manually on Savannah or
Ludovic Courtès schreef op ma 30-05-2022 om 17:34 [+0200]:
> > (package
> > (name "gnurl")
> > [...]
> > (properties
> > ;; Keys that are considered ‘trustworthy’ for signing releases
> > ;; of gnurl.
> > `((permitted-pgp-signing-keys "CABB A99E ..." "DEAD BEEF ...")
> >
Hi Ludo’,
Quoting Ludovic Courtès (2022-05-30 17:34:43)
> Maxime Devos skribis:
>
> > Ludovic Courtès schreef op ma 18-04-2022 om 22:24 [+0200]:
> >> [... guix refresh -u stuff failing due to not finding the key ...]
> >> I’m not sure what a good solution is (other than looking for the key
> >>
Maxime Devos skribis:
> Ludovic Courtès schreef op ma 18-04-2022 om 22:24 [+0200]:
>> [... guix refresh -u stuff failing due to not finding the key ...]
>> I’m not sure what a good solution is (other than looking for the key
>> manually on Savannah or on some random key server).
>
> Alternatively
Ludovic Courtès schreef op ma 18-04-2022 om 22:24 [+0200]:
> [... guix refresh -u stuff failing due to not finding the key ...]
> I’m not sure what a good solution is (other than looking for the key
> manually on Savannah or on some random key server).
Alternatively, why use key servers at all? W
Hi,
Tanguy LE CARROUR skribis:
> Oh… thank you so much for your answer! Looks like the proper way to go!
> I'll try to update GnuPG package definition to integrate one or several
> of those patches.
> Or maybe we should first figure out it this is the right thing to do?!
>
> Guix, thoughts!?
I
Hi Philip,
Quoting Philip McGrath (2022-04-29 21:11:41)
> On 4/18/22 16:24, Ludovic Courtès wrote:
> > Hi,
> >
> > Tanguy LE CARROUR skribis:
> >
> >> gpgv: Signature made Wed 16 Sep 2020 22:30:16 CEST
> >> gpgv:using RSA key 6115012DEA3026F62A98A556D6B570842F7E7F8D
> >> gpgv:
Hi,
On 4/18/22 16:24, Ludovic Courtès wrote:
Hi,
Tanguy LE CARROUR skribis:
gpgv: Signature made Wed 16 Sep 2020 22:30:16 CEST
gpgv:using RSA key 6115012DEA3026F62A98A556D6B570842F7E7F8D
gpgv: Can't check signature: No public key
Would you like to add this key to keyring
'/h
Hi,
Tanguy LE CARROUR skribis:
> Actually, Nikita answered this question on a thread on GNUnet's mailing list:
>
> https://lists.gnu.org/archive/html/gnunet-developers/2022-04/msg00030.html
>
> The end of the discussion is off list. The key used to
> sign the package is deprecated and not to be
Hi Ludo’,
Thanks for updating the topic! :-)
Quoting Ludovic Courtès (2022-04-18 22:24:00)
> Tanguy LE CARROUR skribis:
>
> > $ ./pre-inst-env guix refresh -u gnurl
> >
> > Starting download of /tmp/guix-file.NqJa4t
> > From https://ftpmirror.gnu.org/gnu/gnunet/gnurl-7.72.0.tar.gz...
> > follo
Hi,
Tanguy LE CARROUR skribis:
> $ ./pre-inst-env guix refresh -u gnurl
>
> Starting download of /tmp/guix-file.NqJa4t
> From https://ftpmirror.gnu.org/gnu/gnunet/gnurl-7.72.0.tar.gz...
> following redirection to
> `https://mirrors.ocf.berkeley.edu/gnu/gnunet/gnurl-7.72.0.tar.gz'...
> …2.0.tar
14 matches
Mail list logo
