You might want to think about expiration dates for signatures so nobody is able to present you an old channel bump (with severe issues) instead of the current one... Ofc that isn't really in the spirit of how the binary cache currently work so you'll be back at a nixos.org/channels/… file that must be generated regulary (daily? weekly?). Just my 2 cents..
andi-, would that be handled by not allowing "upgrading" to a version older than the current one unless the user explicitly requests it?
i think i heard about hackage implementing something called the Update protocol or something that might be interesting though
infinisil has quit [Quit: Configuring ZNC, sorry for the joins/quits!]
infinisil has joined #nixos-security
justanotheruser has quit [Ping timeout: 264 seconds]