[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Sustainable funding and maintenance for our infrastructure
|
From: |
Sergio Pastor Pérez |
|
Subject: |
Re: Sustainable funding and maintenance for our infrastructure |
|
Date: |
Tue, 13 Aug 2024 18:23:29 +0200 |
"Jonathan Frederickson" <jonathan@terracrypt.net> writes:
> Guix accepting substitutes from servers without trusted signing keys if the
> same substitutes are available bit-for-bit on a trusted substitute server
> felt like it could be a hint at something. But your trusted build servers
> need to have built a package anyway for you to accept the same package from
> an untrusted one, so that doesn't avoid needing a lot of computing power in a
> trusted build farm.
Hello!
Wouldn't it be enough to have a few independent seeders that have the
same derivation output? We could have a field in the p2p service type
which allows the user to configure a "level of trust", where the user
specifies the minimum number of seeders with the same output for the
daemon to accept the substitute.
Regards,
Sergio.