Please review the draft for May's report
Bernhard M. Wiedemann
bernhardout at lsmod.de
Tue Jun 9 10:31:23 UTC 2020
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Am 08.06.20 um 07:52 schrieb Daniel Shahaf:
> Besides, there was no question, no concrete request, no clickable
> URL…
https://walletscrutiny.com/ was mentioned, though.
IMHO an interesting and worthwhile project. It probably could use more
automation in verifying reproducibility.
How would the app-update workflow work in a perfect world, where we do
not have to trust the app builder?
Maybe like this:
1. developer pushes a signed git tag to the official repo
2. multiple independent builders build binaries and sign some
"buildinfo" about source+binary hashes, publish it to some
buildinfo-collection place.
3. after N trusted rebuilders agreed on what the correct binary should
be, the app-store (e.g. F-Droid) publishes the binary for all users
3b. in theory, this could use anonymous uploads, where anyone can
upload a binary to server.domain.tld/public/HASH as long as the HASH
of the upload is the correct one.
4. F-Droid client pulls new app version and signed buildinfo files and
checks if F-Droid server did the right thing
-----BEGIN PGP SIGNATURE-----
iHUEARYIAB0WIQTykslvYmKwlIQesLNdovN53d8CLgUCXt9k9gAKCRBdovN53d8C
LhryAP4rk1Zbq43fZlHSWI827+0RduubzlXHCI0eSRZ8nQ6AqQD+OdP6VPv0jGJY
No8c1w/vVesP5PJwafgVoV5Vp8TgIgQ=
=GCT2
-----END PGP SIGNATURE-----
More information about the rb-general
mailing list