contrib: Replace developer keys with list of pgp fingerprints #11909
Conversation
|
Moving the keys away from this repository would loose the potential for a "verification-chain" (signed builds contains keys to verify future releaes). My long term use case is to have a binary verifier shipped with bitcoin core (same signing and verification process). Maybe we could do that once we have that use case more sketched out. |
|
@laanwj suggested leaving the key fingerprints in the main repo (#11845 (comment)) |
maflcko
force-pushed
the
Mf1712-gitianKeysDel
branch
from
fa9c9f7 to
fad7783
Compare
maflcko
changed the title
|
Concept ACK. Having the keys in a separate repository also means that we can keep the keys up to date there - no problem with commit noise, no more need for refreshing keys from gpg keyservers at the beginning of the travis build (which fails half the time).
Yes, having the key fingerprints in the main repo is enough to verify the keys are correct. |
contrib/gitian-keys/README.md
Outdated
There was a problem hiding this comment.
Maybe add a separate script? Such a large snippet is hard to copy/paste.
|
Would be nice to have names with the fingerprints. Maybe: |
maflcko
force-pushed
the
Mf1712-gitianKeysDel
branch
2 times, most recently
from
fa3dd0f to
fa38d52
Compare
|
Concept ACK |
Good point. Concept ACK |
contrib/gitian-keys/README.md
Outdated
maflcko
force-pushed
the
Mf1712-gitianKeysDel
branch
from
fa38d52 to
faeab66
Compare
|
Fixed @achow101 nit and fixed up, should be easy to re-ACK.
Happy to do that, but I think this is separate from the current goal. Will add a commit on top if others agree on that.
Note that the fingerprints of the maintenance keys are listed in https://github.com/bitcoin/bitcoin/blob/62fdf9b07087b80d2142799bdd2324f61483359d/contrib/verify-commits/trusted-keys and the ones in this folder are meant to be the ones that are used for gitian signatures. So I guess the name is fine to keep for now. |
contrib/gitian-keys/README.md
Outdated
| ## PGP keys of Gitian builders and Developers | ||
|
|
||
| This folder contains the public keys of developers and active contributors. | ||
| This list contains the public keys of Gitian builders and active developers. |
contrib/gitian-keys/keys.txt
Outdated
| E777299FC265DD04793070EB944D35F9AC3DB76A Michael Ford | ||
| 01CDF4627A3B88AAE4A571C87588242FBE38D3A8 Gavin Andresen | ||
| D3CC177286005BB8FF673294C5242A1AB3936517 jl2012 | ||
| D2D1085B9425F9DEFA06E7932270E30C522739F6 Jonas Schnelli |
There was a problem hiding this comment.
This key "D2D1085B9425F9DEFA06E7932270E30C522739F6" has expired, and I couldn't look it up. We could probably remove it given @jonasschnelli has another key listed.
| ED9BDF7AD6A55E232E84524257FF9BDBCC301009 Sjors Provoost | ||
| 77E72E69DA7EE0A148C06B21B34821D4944DE5F7 Nils Schneider | ||
| 79D00BAC68B56D422F945A8F8E3A8F3247DBCBBF Willy Ko | ||
| AEC1884398647C47413C1C3FB1179EB7347DC10D Warren Togami |
There was a problem hiding this comment.
I verified that I was able to retrieve all the other keys, and that the names listed here are correct.
|
Concept ACK |
| @@ -0,0 +1,27 @@ | |||
| 152812300785C96444D3334D17565732E08E5E41 Andrew Chow | |||
There was a problem hiding this comment.
Could you add my key fingerprints?
617C90010B3BD370B0AC7D424BB42E31C79111B8 Akira Takizawa
There was a problem hiding this comment.
Removal and addition of keys will happen in separate pull requests. You should wait until this one is merged.
Might want to help by review, though.
There was a problem hiding this comment.
@akx20000a This has been merged, you can submit your PR now
|
utACK fabb72b |
…prints fabb72b contrib: Remove xpired 522739F6 key (MarcoFalke) faeab66 contrib: Replace developer keys with list of pgp fingerprints (MarcoFalke) Pull request description: Having to host a copy of the keys in this repo was a common source of discussion and distraction, caused by problems such as: * Outdated keys. Unclear whether and when to replace by fresh copies. * Unclear when to add a key of a new developer or Gitian builder. The problems are solved by * Having no keys but only the fingerprints * Adding a rule of thumb, when to add a new key <strike>Moving the keys to a different repo solves none of these issues, but since the keys are not bound to releases or git branches of Bitcoin Core, they should live somewhere else. Obviously, all keys are hosted and distributed on key servers, but were added to the repo solely for convenience and redundancy. Moving the mirror of those keys to a different repo makes it less distracting to update them -- let's say -- prior to every major release. I updated our `doc/release-process.md` to reflect the new location. DEPENDS_ON bitcoin-core/gitian.sigs#621 </strike> Tree-SHA512: c00795a07603190e26dc4526f6ce11e492fb048dc7ef54b38f859b77dcde25f58ec4449f5cf3f85a5e9c2dd2743bde53f7ff03c8eccf0d75d51784a6b164e47d
8 participants
Having to host a copy of the keys in this repo was a common source of discussion and distraction, caused by problems such as:
The problems are solved by
Moving the keys to a different repo solves none of these issues, but since the keys are not bound to releases or git branches of Bitcoin Core, they should live somewhere else.Obviously, all keys are hosted and distributed on key servers, but were added to the repo solely for convenience and redundancy.
Moving the mirror of those keys to a different repo makes it less distracting to update them -- let's say -- prior to every major release.
I updated our
doc/release-process.mdto reflect the new location.DEPENDS_ON bitcoin-core/gitian.sigs#621