authorJohn Ericson <git@JohnEricson.me>2022-09-22 14:36:26 -0400
committerJohn Ericson <John.Ericson@Obsidian.Systems>2022-09-22 14:37:52 -0400
commita2a8cb10ac17e03691b9f73ae14e5b6edbe66f4e (patch)
tree6fb858a2888f081681cd957d3f7e9a1e5d173f32 /src/libstore/globals.hh
parent752f967c0fe2489fe13d8c2c65c3ecba72064adc (diff)
Dodge "trusted" vs "trustworthy" by being explicit
Hopefully this is best!
Diffstat (limited to 'src/libstore/globals.hh')
-rw-r--r--src/libstore/globals.hh12
1 files changed, 9 insertions, 3 deletions
diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh
index fb8f810c2..e2bb0ffc9 100644
--- a/src/libstore/globals.hh
+++ b/src/libstore/globals.hh
@@ -560,9 +560,15 @@ public:
R"(
If set to `true` (the default), any non-content-addressed path added
or copied to the Nix store (e.g. when substituting from a binary
- cache) must have a trustworthy signature, that is, be signed using one of
- the keys listed in `trusted-public-keys` or `secret-key-files`. Set
- to `false` to disable signature checking.
+ cache) must have a signature by a key we trust. A trusted key is one
+ listed in `trusted-public-keys`, or a public key counterpart to a
+ private key stored in a file listed in `secret-key-files`.
+
+ Set to `false` to disable signature checking and trust all
+ non-content-addressed paths unconditionally.
+
+ (Content-addressed paths are inherently trustworthy and thus
+ unaffected by this configuration option.)
)"};
Setting<StringSet> extraPlatforms{
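Review bot: The closing parenthetical added to this description calls content-addressed paths "inherently trustworthy", which brings back the very term the commit title sets out to dodge. It also reads as a stronger guarantee than content addressing provides: the store can check that a path's contents match the hash it is addressed by, but that says nothing about whether the contents are benign or whether the reference to that path came from a source the user trusts. A narrower wording would be `(Content-addressed paths are verified against their own content hash, so they need no signature and are unaffected by this option.)`. The `Setting` declaration this string belongs to starts above the hunk, so the option name and its default are not visible here.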