limits to verifiability

Ludovic Courtès ludo at gnu.org
Sun Nov 26 14:50:58 UTC 2023


Hello,

ahojlm at 0w.se skribis:

> The practicality of SSSBEA-CODRB means that the efforts aimed at
> *minimizing the starting binary seed* and at creation of an
> *inspectable-in-binary-form* seed like e.g. in GNU
> Mes[11]<sup>,</sup>[12] seem misdirected, such a seed is now known to be
> unnecessary for a full-integrity bootstrap.
>
> The use of a misnomer “full-source bootstrap” denoting the intention to
> treat the binary seed as if it were source[13] may regrettably have
> contributed to the disorientation of the development.

I agree that diverse-double compilation and what’s described here as
“self-sufficient source-to-binary equivalence assurance via consensus of
diverse reproducible builds” are valuable approaches to establishing
trust in binaries.

This approach is different from the one taken in Guix, live-bootstrap,
and Freedesktop-SDK (with Mes, stage0, and related projects making it
possible), but both have their merits.

I disagree that “full-source bootstrap” is a misnomer, let alone that it
“disoriented” development.  For one thing, it has demonstrated its
“practicality” since it’s actually used today.


Now, only recently did I catch up on rb-general.  What I’ve seen in
recent threads is a pattern of attacks, including repeated personal
attacks, that have little to do with the technical merits of this or
that approach.  I wish moderators of this list would speak up and set
limits on what behavior is acceptable in Reproducible Builds fora.

Thanks in advance,
Ludo’.


More information about the rb-general mailing list