Hi, Ricardo Wurmus skribis: > Ludovic Courtès writes: > >> The caching implemented in 787766ed1e7f0806a98e696830542da528f957bb >> makes things acceptable: the first “make authenticate” run takes a bit >> more than two minutes to check all the commits starting from ‘v1.0.1’, >> but subsequent runs take a few seconds. > > This sounds good. > > I wonder how we would integrate this into “guix pull”. For > authentication to work at all the user would have to have *all* past > keys. (I’m missing at least one of the keys, because only current keys > are contained in the keyring on Savannah.) Right. Clearly we shouldn’t rely on key servers because it’s brittle, keys might be missing, it requires the whole GnuPG shebang to fetch a single key, etc. Instead, what I have in mind is to have a branch in the same repo containing a complete keyring of the past and current keys (say, one file per key). The machinery would thus start by loading the keyring and then use it when verifying signatures. We can generalize that to all channels: ‘.guix-channel’ could specify (1) a keyring branch, and (2) the name of a file listing authorized keys. How does that sound? Thanks, Ludo’.