[Haskell-community] Hackage Roots of Trust

Jason Dagit dagitj at gmail.com
Wed Sep 16 17:02:24 UTC 2015


Somewhat related to this, I got an email reminder from GlobalSign today
saying our cert expires soon, mid-November. I've currently been the one
that registers/renews the cert. Perhaps part of the discussion around our
roots of trust will include a discussion of how to manage this cert?

Thanks,
Jason

On Tue, Sep 15, 2015 at 6:35 PM, Gershom B <gershomb at gmail.com> wrote:

> At the Haskell Implementor's Workshop at ICFP, Duncan gave a talk on
> the work on security and package infrastructure that has been going
> on:
>
> https://www.youtube.com/watch?v=D9juHHlnayI
>
> One element of that, which was turned over the committee to figure out
> is who our actual roots of trust would be, in the same sense that
> there are root certificates for TLS and https authentication, etc.
>
> at the Haskell Symposium itself, I gave a quick lightning talk on the
> work the committee had done in this regard:
>
> https://www.youtube.com/watch?v=U8ISiSXV2c0
>
> (If you are interested in verifying your communications with Duncan by
> the way, and if you trust the video is undoctored, then his GPG key
> fingerprint appears on it, which may be of some use.)
>
> We did in fact get some keysigning done at the conference, and we also
> secured a fair number of keys from the roots of trust we co-ordinated,
> though some followup work remains to be done there. We certainly
> already have enough in hand to bootstrap the process as the hackage
> security work gets fully rolled out.
>
> One related discussion we started to have was if we might want to do
> haskell community funding for "phase two" of the update framework
> rollout, as discussed in Duncan's talk -- that phase where we not only
> implement server trust and signing, but also author signing.
>
> Apropos of nothing, but a related thought/question I had was if there
> would be interest in making cabal files themselves more potentially
> secure in the manner of the LIO / HLIO work [1]. Having a better chain
> of trust seems to somewhat obviate the need here, but it does seem
> like something worth considering. Similar mechanisms might also be
> worth integrating into template haskell IO for that matter. However,
> one concern is that the worth of these approaches depends in part on
> good SafeHaskell takeup, which has a whole bunch of obstacles in
> itself :-)
>
> Cheers,
> Gershom
>
> [1]
> http://www.cse.chalmers.se/~russo/publications_files/hybrid-icfp2015.pdf
> and https://hackage.haskell.org/package/lio-0.11.5.0 and
> http://www.scs.stanford.edu/~deian/pubs/stefan:2014:building-haskell.pdf
> _______________________________________________
> Haskell-community mailing list
> Haskell-community at haskell.org
> http://mail.haskell.org/cgi-bin/mailman/listinfo/haskell-community
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.haskell.org/pipermail/haskell-community/attachments/20150916/28b8113a/attachment.html>


More information about the Haskell-community mailing list