If commit i adds a new signing key to the channel’s authorisations file and
commit i+1 is signed with that signing key, then commit i+1 can be used in
channel intro.
You can’t add a signing key to the authorisations in a commit and sign that
same commit with the new key. Is that issue here?
Jake
Ludovic Courtès wrote:
> elaexuo...@wilsonb.com skribis:
>
> > Well, the catch 22 is that I've lost the original key and so can only sign
> > .guix-authorizations with the new one.
>
> Ah sorry, I misread the thing I quoted. :-)
>
> So, you have your new key. You add it to ‘.guix-authorizatio
elaexuo...@wilsonb.com skribis:
> Well, the catch 22 is that I've lost the original key and so can only sign
> .guix-authorizations with the new one.
Ah sorry, I misread the thing I quoted. :-)
So, you have your new key. You add it to ‘.guix-authorizations’ in a
commit signed with that new key
Jake wrote:
> If commit i adds a new signing key to the channel’s authorisations file and
> commit i+1 is signed with that signing key, then commit i+1 can be used in
> channel intro.
>
> You can’t add a signing key to the authorisations in a commit and sign that
> same commit with the new key.
> > from reading about guix authentication I think the new signing key
> > must be first added to the .guix-authoriations file and that commit
> > must signed with the current signing keys before the new signing
> > key can be used.
>
> Yes, it’s likely the problem; the rest of the description you
Hello,
Markku Korkeala skribis:
> On Mon, Mar 25, 2024 at 02:41:26PM +0900, elaexuo...@wilsonb.com wrote:
[...]
>> Here are the changes I've made:
>> - New public key added to keyring branch
>> - Appended new key fingerprint to .guix-authorizations (at commit X)
>> - Update introduction in .co
> from reading about guix authentication I think the new signing key
> must be first added to the .guix-authoriations file and that commit
> must signed with the current signing keys before the new signing
> key can be used.
yep. otherwise anyone with access to the origin git repo could override
On Mon, Mar 25, 2024 at 02:41:26PM +0900, elaexuo...@wilsonb.com wrote:
> Hey devs,
>
> So I lost the PGP key that I was using to sign commits on a private Guix
> channel of mine. Is there a way to introduce a hard break in my channel
> authentication?
>
> Despite updating authorization settings,
Hey devs,
So I lost the PGP key that I was using to sign commits on a private Guix
channel of mine. Is there a way to introduce a hard break in my channel
authentication?
Despite updating authorization settings, pulls complain that my latest commit
isn't signed by an authorized key.
Here are the