On Mon, Apr 13, 2015 at 10:02:45AM +0000, Michael Snoyman wrote:
I wrote up a strawman proposal last week[5] which clearly needs work to be a realistic option. My question is: are people interested in moving forward on this? If there's no interest, and everyone is satisfied with continuing with the current Hackage-central-authority, then we can proceed with having reliable and secure services built around Hackage. But if others- like me- would like to see a more secure system built from the ground up, please say so and let's continue that conversation.
I finished reading the proposal, the only minor remark I have is on this sentence: " Each signature may be revoked using standard GPG revokation. It is the /key/ being revoked really, not the single signature (in our case it would mean revoking every-package-version-or-revision-signed-by-that-key). This in turn highlights the need for a well defined process on how to handle "key transitions" (task left to the single implementators). A distributed and secure hackage sounds like a dream, I really hope this comes to life!