From: ludo@gnu.org (Ludovic Courtès)
To: Leo Famulari
Subject: Re: bug#25094: Add comments to archive keys and acls
Date: Sun, 04 Dec 2016 00:55:58 +0100
Message-ID: <87inr08t4h.fsf@gnu.org>
In-Reply-To: <20161202181351.GA30572@jasmine> (Leo Famulari's message of "Fri, 2 Dec 2016 13:13:51 -0500")
References: <5841B184.4050802@crazy-compilers.com> <20161202181351.GA30572@jasmine>
Cc: Hartmut Goebel, 25094@debbugs.gnu.org

Leo Famulari wrote:

> On Fri, Dec 02, 2016 at 06:38:12PM +0100, Hartmut Goebel wrote:
>> Hi,
>>
>> the keys for authenticating an archive currently do not hold any
>> comment. This makes it hard to track acls and remove certain keys if
>> required.
>
> Indeed, this makes key management a little harder than it needs to be.

Agreed.

The crux of the problem is that libgcrypt’s canonical sexp parser does
not recognize comments. does not specify comments, which may be the
reason, but other implementations of canonical sexps (such as lsh and
Nettle) do recognize them, so we should just get libgcrypt to follow
suit.

>> Please implement some way to add and change the comment on keys in
>> /etc/guix/ and in /etc/guix/acl.
>>
>> Proposed usage when generating the key:
>> guix archive --generate-key=… --comment "store.example.com"
>>
>> Proposed usage when importing the key and overwriting any existing comment
>>
>> guix archive --authorize --comment "store.example.com"
>>
>> For now, since we have no commands for key management, these would be
>> enough IMO. Existing comments can easily be changed in the file, so for
>> now we do not need a tool for this.
>
> I think that the comment should either be signed somehow, or the field
> name should be "untrusted-comment".

I think it’s no different than the optional comment in OpenSSH public
keys, and it should be clear that it’s free-form and untrusted by
definition (the sexp syntax at least makes it clear that it’s a comment,
as opposed to the OpenSSH public key format).

Ludo’.
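The two points made in this message, that a comment in a key must be treated as an untrusted label and that a canonical sexp makes the comment unambiguous in a way the whitespace-delimited OpenSSH format does not, can be shown with a small canonical sexp parser. The code below is an added illustration written for this thread; it is not code from Guix or libgcrypt. It assumes a hypothetical key layout in which the comment is a separate top-level `(untrusted-comment "...")` element beside the key material (the field name Leo proposed), uses the libgcrypt-style `(public-key (ecc (curve Ed25519) (q ...)))` shape for the key, and the 32 key bytes are constructed sample data, not a real key. Fingerprints and ACL matching are computed over the key material only, so editing the comment in `/etc/guix/acl` never changes which key is authorized.

```python
"""Canonical sexp keys with an untrusted, free-form comment (added example)."""
import hashlib
from typing import List, Optional, Tuple, Union

Sexp = Union[bytes, List["Sexp"]]


def parse_csexp(data: bytes) -> Sexp:
    """Parse one canonical sexp. Atoms are '<decimal length>:<bytes>', lists are
    parenthesised; there is no whitespace and no escaping, so a comment atom
    can carry any byte, including ')' or a newline, without ambiguity."""
    def parse(i: int) -> Tuple[Sexp, int]:
        if data[i:i + 1] == b"(":
            items: List[Sexp] = []
            i += 1
            while data[i:i + 1] != b")":
                if i >= len(data):
                    raise ValueError("unterminated list")
                item, i = parse(i)
                items.append(item)
            return items, i + 1
        j = i
        while data[j:j + 1].isdigit():
            j += 1
        if j == i or data[j:j + 1] != b":":
            raise ValueError(f"bad atom at offset {i}")
        length = int(data[i:j])
        start, end = j + 1, j + 1 + length
        if end > len(data):
            raise ValueError("truncated atom")
        return data[start:end], end

    obj, end = parse(0)
    if end != len(data):
        raise ValueError("trailing bytes after sexp")
    return obj


def to_csexp(obj: Sexp) -> bytes:
    """Serialise back to canonical form (inverse of parse_csexp)."""
    if isinstance(obj, bytes):
        return str(len(obj)).encode() + b":" + obj
    return b"(" + b"".join(to_csexp(x) for x in obj) + b")"


COMMENT_TAG = b"untrusted-comment"  # hypothetical field name, as proposed in the thread


def is_comment(x: Sexp) -> bool:
    return isinstance(x, list) and len(x) == 2 and x[0] == COMMENT_TAG and isinstance(x[1], bytes)


def split_comment(key: Sexp) -> Tuple[Sexp, Optional[str]]:
    """Separate the top-level comment element from the key material.
    Everything that matters for a trust decision is in the returned material;
    the comment is a label for humans and nothing else."""
    if not isinstance(key, list):
        raise ValueError("key must be a list")
    comments = [x for x in key if is_comment(x)]
    if len(comments) > 1:
        raise ValueError("more than one comment")
    material = [x for x in key if not is_comment(x)]
    comment = comments[0][1].decode("utf-8", errors="replace") if comments else None
    return material, comment


def fingerprint(key: Sexp) -> str:
    """SHA-256 over the canonical encoding of the key *without* its comment,
    so editing the comment never changes the identity of the key."""
    material, _ = split_comment(key)
    return hashlib.sha256(to_csexp(material)).hexdigest()


def authorized(acl: List[Sexp], key: Sexp) -> bool:
    """Match by key material only; comments on either side are ignored."""
    fp = fingerprint(key)
    return any(fingerprint(entry) == fp for entry in acl)


def describe_acl(acl: List[Sexp]) -> List[Tuple[str, str]]:
    """(fingerprint, comment) per entry: what an operator needs in order to
    track the ACL and remove a specific key."""
    return [(fingerprint(e), split_comment(e)[1] or "<no comment>") for e in acl]


# Constructed sample key; the q bytes are made up, not a real Ed25519 key.
SAMPLE_Q = bytes(range(32))
KEY = [b"public-key", [b"ecc", [b"curve", b"Ed25519"], [b"q", SAMPLE_Q]]]
KEY_COMMENTED = KEY + [[COMMENT_TAG, b"store.example.com"]]
# A comment that would break a whitespace-delimited format is harmless here.
KEY_HOSTILE = KEY + [[COMMENT_TAG, b"x) (q 1:\x00\nssh-ed25519 AAAA"]]

if __name__ == "__main__":
    acl = [parse_csexp(to_csexp(KEY_COMMENTED))]
    for fp, comment in describe_acl(acl):
        print(fp[:16], comment)
    print(authorized(acl, KEY), authorized(acl, KEY_HOSTILE))
```

The design choice worth noting is that `fingerprint` and `authorized` only ever see the output of `split_comment`, so a comment cannot participate in any trust decision no matter what it contains; `describe_acl` is the only consumer of the comment, and it is purely informational. Real Guix key and ACL files are written in the human-readable "advanced" sexp syntax rather than the canonical byte form parsed here, so this is a model of the data, not of the on-disk files.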