From 78d3cdcae4dfa8d6b1a445ebdd3f56c129ed9935 Mon Sep 17 00:00:00 2001
From: David Christiansen
Date: Mon, 18 Jul 2022 13:10:53 +0200
Subject: [PATCH] Remove operational and mirror keys from bootstrap key set
The list of keys passed to the Hackage Security setup should be the bootstrap root keys, rather than all keys used. There are three kinds of keys used with Hackage Security today: * root keys, which are the community roots of trust, kept offline and distributed among trusted community members, * operational keys, which are kept in memory on Hackage and used for ongoing cryptographic signatures of the timestamp file and index, * and mirror keys, which are used to sign the mirror list. Tools that wish to interact with Hackage need to carry a bootstrap set of root keys to solve the chicked-and-egg problem. These are five root keys that are implicitly trusted. These keys are used to sign root.json in Hackage, which then specifies which additional keys are available and used. The list here, however, contains all the keys, rather than just the bootstrap root keys.
---
 src/Pantry.hs | 4 ----
 1 file changed, 4 deletions(-)
diff --git a/src/Pantry.hs b/src/Pantry.hs
index 71ac1c76..ebf6b908 100644
--- a/src/Pantry.hs
+++ b/src/Pantry.hs
@@ -289,12 +289,8 @@ defaultHackageSecurityConfig = HackageSecurityConfig
 { hscKeyIds =
 [ "0a5c7ea47cd1b15f01f5f51a33adda7e655bc0f0b0615baa8e271f4c3351e21d"
 , "1ea9ba32c526d1cc91ab5e5bd364ec5e9e8cb67179a471872f6e26f0ae773d42"
- , "280b10153a522681163658cb49f632cde3f38d768b736ddbc901d99a1a772833"
- , "2a96b1889dc221c17296fcc2bb34b908ca9734376f0f361660200935916ef201"
 , "2c6c3627bd6c982990239487f1abd02e08a02e6cf16edb105a8012d444d870c3"
 , "51f0161b906011b52c6613376b1ae937670da69322113a246a09f807c62f6921"
- , "772e9f4c7db33d251d5c6e357199c819e569d130857dc225549b40845ff0890d"
- , "aa315286e6ad281ad61182235533c41e806e5a787e0b6d1e7eef3f09d137d2e9"
 , "fe331502606802feac15e514d9b9ea83fee8b6ffef71335479a2e68d84adc6b0"
 ]
 , hscKeyThreshold = 3
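Review bot: Nothing on the remaining `hscKeyIds` list in `defaultHackageSecurityConfig` records that it must hold bootstrap root keys only, so a later edit could put operational or mirror key ids back without a reviewer noticing. The distinction matters because `hscKeyThreshold = 3` is kept and is presumably counted against exactly this list, which means any online key listed here would count toward the quorum that the offline root keys are meant to provide. I would add a comment above the list such as `-- Bootstrap root key ids only: operational and mirror keys are delegated by the signed root.json and must not be listed here.` and, if the project has a place for it, note where the five ids can be checked against the published Hackage root keys. The record continues past the end of the hunk, so any other fields of the config are not visible here.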