contrib: Replace developer keys with list of pgp fingerprints #11909

pull MarcoFalke wants to merge 2 commits into bitcoin:master from MarcoFalke:Mf1712-gitianKeysDel changing 29 files +45 −2876
  1. MarcoFalke commented at 6:13 PM on December 15, 2017: member

    Having to host a copy of the keys in this repo was a common source of discussion and distraction, caused by problems such as:

    • Outdated keys. Unclear whether and when to replace by fresh copies.
    • Unclear when to add a key of a new developer or Gitian builder.

    The problems are solved by

    • Having no keys but only the fingerprints
    • Adding a rule of thumb, when to add a new key

    <strike>Moving the keys to a different repo solves none of these issues, but since the keys are not bound to releases or git branches of Bitcoin Core, they should live somewhere else.

    Obviously, all keys are hosted and distributed on key servers, but were added to the repo solely for convenience and redundancy.

    Moving the mirror of those keys to a different repo makes it less distracting to update them -- let's say -- prior to every major release.

    I updated our doc/release-process.md to reflect the new location.

    DEPENDS_ON https://github.com/bitcoin-core/gitian.sigs/pull/621 </strike>

  2. MarcoFalke added the label Build system on Dec 15, 2017
  3. MarcoFalke added the label Docs on Dec 15, 2017
  4. jonasschnelli commented at 9:48 PM on December 15, 2017: contributor

    Moving the keys away from this repository would lose the potential for a "verification-chain" (signed builds contain keys to verify future releases). Shipping the keys in a verifiable binary (or now via the tar ball) adds additional security.

    My long term use case is to have a binary verifier shipped with bitcoin core (same signing and verification process). Therefore we could add keys (probably new secp256k1 keys) to the binary and allow verification of future releases.

    Maybe we could do that once we have that use case more sketched out.

  5. meshcollider commented at 9:53 PM on December 15, 2017: contributor

    @laanwj suggested leaving the key fingerprints in the main repo (https://github.com/bitcoin/bitcoin/pull/11845#issuecomment-351387138)

  6. MarcoFalke force-pushed on Dec 16, 2017
  7. MarcoFalke renamed this:
    Gitian: Move keys to sigs repo
    contrib: Replace developer keys with list of pgp fingerprints
    on Dec 16, 2017
  8. laanwj commented at 11:16 AM on December 16, 2017: member

    Concept ACK.

    Having the keys in a separate repository also means that we can keep the keys up to date there - no problem with commit noise, no more need for refreshing keys from gpg keyservers at the beginning of the travis build (which fails half the time).

    @laanwj suggested leaving the key fingerprints in the main repo

    Yes, having the key fingerprints in the main repo is enough to verify the keys are correct.

  9. in contrib/gitian-keys/README.md:22 in fad7783a8a outdated
      24 | +
      25 | +To fetch keys of Gitian builders and active developers, feed the list of
      26 | +fingerprints of the primary keys into gpg:
      27 | +
      28 | +```sh
      29 | +echo "
    


    laanwj commented at 4:29 PM on December 16, 2017:

    Maybe add a separate script? Such a large snippet is hard to copy/paste.

  10. luke-jr commented at 4:41 PM on December 16, 2017: member

    Would be nice to have names with the fingerprints.

    Maybe:

    ...
    AEC1884398647C47413C1C3FB1179EB7347DC10D John Doe
    " | while read fingerprint keyholder_name; do
    ...
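
The check that a pinned fingerprint list makes possible, as an added example that is not part of the pull request or of any comment in this thread: it parses the `fingerprint name` list format suggested above, rejects anything that is not a full fingerprint, and reports primary keys in a keyring listing that the list does not pin. The function names and the colon listing are constructed for illustration; uppercase hex is assumed, as in the fingerprints quoted on this page.

```shell
# Added example, not from the pull request: check a keyring against keys.txt.

# Print the fingerprint column of a "FINGERPRINT label..." file. Fails on any
# entry that is not a full 40-hex-digit fingerprint, so a short key ID is never
# accepted as a pin. The label is informational and is ignored.
pinned_fprs() {
    while read -r fpr label || [ -n "$fpr" ]; do
        [ -n "$fpr" ] || continue   # blank line
        printf '%s\n' "$fpr" | grep -qxE '[0-9A-F]{40}' ||
            { echo "not a full fingerprint: $fpr" >&2; return 1; }
        printf '%s\n' "$fpr"
    done < "$1"
}

# Read gpg colon-format output on stdin and print the fingerprint of each
# primary key (the fpr record that follows "pub", not the one after "sub").
primary_fprs() {
    awk -F: '$1 == "pub" { want = 1; next }
             $1 == "sub" { want = 0; next }
             $1 == "fpr" && want { print $10; want = 0 }'
}

# Print every primary key in the listing on stdin that keys file $1 does not pin.
unpinned_keys() {
    pins=$(pinned_fprs "$1") || return 2
    primary_fprs | while read -r fpr; do
        printf '%s\n' "$pins" | grep -qxF -e "$fpr" || printf '%s\n' "$fpr"
    done
}

# Constructed sample data: two fingerprints quoted on this page, and a
# shortened colon listing with one pinned key and one made-up key.
sample_pins() { cat <<'EOF'
AEC1884398647C47413C1C3FB1179EB7347DC10D Warren Togami
E777299FC265DD04793070EB944D35F9AC3DB76A Michael Ford
EOF
}
sample_listing() { cat <<'EOF'
pub:-:4096:1:B1179EB7347DC10D:1300000000:
fpr:::::::::AEC1884398647C47413C1C3FB1179EB7347DC10D:
sub:-:4096:1:1111111111111111:1300000000:
fpr:::::::::1111111111111111111111111111111111111111:
pub:-:4096:1:0000000000000001:1300000000:
fpr:::::::::0000000000000000000000000000000000000001:
EOF
}

tmp=$(mktemp) && sample_pins > "$tmp"
sample_listing | unpinned_keys "$tmp"
rm -f "$tmp"
```

In practice the listing on stdin would come from `gpg --with-colons --fingerprint` run against the keyring the keys were fetched into.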
    
  11. MarcoFalke force-pushed on Dec 16, 2017
  12. MarcoFalke force-pushed on Dec 16, 2017
  13. meshcollider commented at 7:36 PM on December 16, 2017: contributor

    Concept ACK

  14. jonasschnelli commented at 7:44 AM on December 17, 2017: contributor

    Having the keys in a separate repository also means that we can keep the keys up to date there - no problem with commit noise, no more need for refreshing keys from gpg keyservers at the beginning of the travis build (which fails half the time).

    Good point.

    Concept ACK

  15. in contrib/gitian-keys/README.md:3 in fa38d529a7 outdated
       0 | @@ -1,16 +1,26 @@
       1 | -PGP keys
       2 | -========
       3 | +## PGP keys of Gitian builders and Developers
       4 |  
       5 | -This folder contains the public keys of developers and active contributors.
       6 | +This list contains the public keys of Gitian builers and active developers.
    


    achow101 commented at 4:03 PM on December 17, 2017:

    s/builers/builders

  16. achow101 commented at 4:12 PM on December 17, 2017: member

    utACK fa38d529a75a6cd1a51326c05170b3db2606fd14 modulo typo

    Maybe this should include the fingerprint of the release key too?

    It might also be better to move this to a more generic pgp keys folder instead of specifically gitian-keys.

  17. contrib: Replace developer keys with list of pgp fingerprints faeab66f88
  18. MarcoFalke force-pushed on Dec 18, 2017
  19. MarcoFalke commented at 4:16 AM on December 18, 2017: member

    Fixed @achow101 nit and fixed up, should be easy to re-ACK.

    Maybe this should include the fingerprint of the release key too?

    Happy to do that, but I think this is separate from the current goal. Will add a commit on top if others agree on that.

    It might also be better to move this to a more generic pgp keys folder instead of specifically gitian-keys.

    Note that the fingerprints of the maintenance keys are listed in https://github.com/bitcoin/bitcoin/blob/62fdf9b07087b80d2142799bdd2324f61483359d/contrib/verify-commits/trusted-keys and the ones in this folder are meant to be the ones that are used for gitian signatures. So I guess the name is fine to keep for now.

  20. in contrib/gitian-keys/README.md:3 in faeab66f88 outdated
       0 | @@ -1,16 +1,26 @@
       1 | -PGP keys
       2 | -========
       3 | +## PGP keys of Gitian builders and Developers
       4 |  
       5 | -This folder contains the public keys of developers and active contributors.
       6 | +This list contains the public keys of Gitian builders and active developers.
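
    Review bot: Line 6 still says the list "contains the public keys", and the new heading on line 3 reads "PGP keys", while the title of this change is about replacing the keys with a list of fingerprints. Suggest wording such as "fingerprints of the public keys" so a reader does not expect key material in this directory and understands that the keys have to be fetched and matched against these fingerprints.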
    


    fanquake commented at 8:24 AM on December 19, 2017:

    nit: "keys.txt contains"

  21. in contrib/gitian-keys/keys.txt:13 in faeab66f88 outdated
       8 | +BF6273FAEF7CC0BA1F562E50989F6B3048A116B5 Dev Random
       9 | +9A1689B60D1B3CCE9262307A2F40A9BF167FBA47 Erik Mossberg (erkmos)
      10 | +E777299FC265DD04793070EB944D35F9AC3DB76A Michael Ford
      11 | +01CDF4627A3B88AAE4A571C87588242FBE38D3A8 Gavin Andresen
      12 | +D3CC177286005BB8FF673294C5242A1AB3936517 jl2012
      13 | +D2D1085B9425F9DEFA06E7932270E30C522739F6 Jonas Schnelli
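
    Review bot: The second column on lines 8-13 is free text that mixes names, handles and parentheticals ("Dev Random", "jl2012", "Erik Mossberg (erkmos)"), and nothing in the file states how it is delimited or what weight it carries. Suggest documenting the format as one full fingerprint, a single space, then a label running to end of line, and stating that only the fingerprint is authoritative, since fetching a key by fingerprint does nothing to confirm the label.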
    


    fanquake commented at 8:34 AM on December 19, 2017:

    This key "D2D1085B9425F9DEFA06E7932270E30C522739F6" has expired, and I couldn't look it up. We could probably remove it given @jonasschnelli has another key listed.

  22. contrib: Remove xpired 522739F6 key fabb72baa2
  23. in contrib/gitian-keys/keys.txt:28 in faeab66f88 outdated
      23 | +D762373D24904A3E42F33B08B9A408E71DAAC974 Pieter Wuille (Location: Leuven, Belgium)
      24 | +133EAC179436F14A5CF1B794860FEB804E669320 Pieter Wuille
      25 | +ED9BDF7AD6A55E232E84524257FF9BDBCC301009 Sjors Provoost
      26 | +77E72E69DA7EE0A148C06B21B34821D4944DE5F7 Nils Schneider
      27 | +79D00BAC68B56D422F945A8F8E3A8F3247DBCBBF Willy Ko
      28 | +AEC1884398647C47413C1C3FB1179EB7347DC10D Warren Togami
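
    Review bot: Lines 23 and 24 both carry the label "Pieter Wuille", told apart only by "(Location: Leuven, Belgium)" on the first. Suggest making each label say what that key is used for, or dropping one entry if it is not used for Gitian signatures, so a reader can tell which fingerprint to expect on a signature.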
    


    fanquake commented at 8:35 AM on December 19, 2017:

    I verified that I was able to retrieve all the other keys, and that the names listed here are correct.

  24. practicalswift commented at 7:12 PM on December 19, 2017: contributor

    Concept ACK

  25. in contrib/gitian-keys/keys.txt:1 in fabb72baa2
       0 | @@ -0,0 +1,27 @@
       1 | +152812300785C96444D3334D17565732E08E5E41 Andrew Chow
    


    unknown commented at 3:18 PM on December 27, 2017:

    Could you add my key fingerprints? 617C90010B3BD370B0AC7D424BB42E31C79111B8 Akira Takizawa


    MarcoFalke commented at 4:33 PM on December 27, 2017:

    Removal and addition of keys will happen in separate pull requests. You should wait until this one is merged.
    Might want to help by review, though.


    laanwj commented at 2:56 PM on February 6, 2018:

    @akx20000a This has been merged, you can submit your PR now

  26. unknown changes_requested
  27. laanwj commented at 2:49 PM on February 6, 2018: member

    utACK fabb72b

  28. laanwj merged this on Feb 6, 2018
  29. laanwj closed this on Feb 6, 2018

  30. laanwj referenced this in commit 88971352f6 on Feb 6, 2018
  31. MarcoFalke deleted the branch on Feb 7, 2018
  32. DrahtBot locked this on Sep 8, 2021

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-17 06:15 UTC
