You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
partial verification: only those bits with an authorisation & releases file
handle version field (compare) and future-proof (what to do with a file with a higher version? ignore? assume that files will only be extended, basic semantic will always be valid)
safety in Conex_persistency: read and write can fail (currently throwing exceptions)
build system
encrypt private keys (write the PKCS supporting code in X.509)
remove keystore, only idx is signed
integrate publickey and index (on disk, load_id, write_id)
sign accounts
now that Publickey has a type (atm RSA = 0) in Conex_data_persistency, we should add a type and id to signature as well, shouldn't we?
monotonicity requirements should be pure and in Conex_repository
separation:
conex (still need to parametrise IO, ~~~crypto~~~, and ~~~Logs~~~)
conex.unix (see Conex_persistency)
conex_verify (binary using conex-core with openssl crypto provider (todo), uses conex.unix IO (done), and custom Logs (done))
conex.ext (depends on Logs and nocrypto)
conex_author (binary using conex.ext and conex.unix to sign stuff (maybe rename to conex_sign?))
timestamp service (using conex.ext, and a MirageOS Conex_persistency (or Conex_provider): private key material has to be provided via other means (Conex_sign uses e.g. Unix.getenv "HOME")
tool (analysis)
infer actual maintainers and teams for smooth transition (analysis/maintainer.ml)
author-guided view: for a GitHub id, show team membership and authorised package
empirical data (downloads: popular packages, adaption rate of new releases)
empirical data (repo: median/average time between releases and new packages)
tool (verify)
accept TA fingerprints via commandline
quorum passed via commandline
strict (only accept everything signed) non-strict (if there is a releases file, all must be signed)
full (initial) verification vs incremental
tool (author) - warns on read&verification errors
generate key (+public info)
sign package (+all releases +authorise me)
sign release Y of package X
renew key
apply for/revoke team membership
find local changes (and approve them in your index, although not janitor/authorised)
tool (janitor)
revoke key
locate PRs which need signatures
sign PR X
tool (snapshot)
isolate Unix dependencies (in Conex_persistency used by Conex_provider, Conex_private (and Conex_opam_layout))
implement
tool (future)
report statistics (whom do I trust, who is central)
blacklist &/| whitelist specific keys locally (I don't trust A)
who owns P (extending all Ts)?, what becomes invalid if A would be no longer be member of T?
The text was updated successfully, but these errors were encountered:
code (library)
sign_index
ignores atm)check_
function,private
constructors?)Publickey
has a type (atm RSA = 0) inConex_data_persistency
, we should add a type and id to signature as well, shouldn't we?Conex_repository
separation:
conex
(still need to parametrise IO, ~~~crypto~~~, and ~~~Logs~~~)conex.unix
(seeConex_persistency
)conex_verify
(binary usingconex-core
withopenssl
crypto provider (todo), usesconex.unix
IO (done), and customLogs
(done))conex.ext
(depends onLogs
andnocrypto
)conex_author
(binary usingconex.ext
andconex.unix
to sign stuff (maybe rename toconex_sign
?))timestamp
service (usingconex.ext
, and a MirageOSConex_persistency
(orConex_provider
): private key material has to be provided via other means (Conex_sign
uses e.g.Unix.getenv "HOME"
)tool (analysis)
tool (verify)
tool (author) - warns on read&verification errors
tool (janitor)
tool (snapshot)
tool (future)
The text was updated successfully, but these errors were encountered: