From 752f967c0fe2489fe13d8c2c65c3ecba72064adc Mon Sep 17 00:00:00 2001 From: John Ericson Date: Thu, 22 Sep 2022 10:43:48 -0400 Subject: "valid signature" -> "trustworthy signature" I just had a colleague get confused by the previous phrase for good reason. "valid" sounds like an *objective* criterion, e.g. and *invalid signature* would be one that would be trusted by no one, e.g. because it misformatted or something. What is actually going is that there might be a signature which is perfectly valid to *someone else*, but not to the user, because they don't trust the corresponding public key. This is a *subjective* criterion, because it depends on the arbitrary and personal choice of which public keys to trust. I therefore think "trustworthy" is a better adjective to use. Whether something is worthy of trust is clearly subjective, and then "trust" within that word nicely evokes `trusted-public-keys` and friends. --- tests/signing.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests/signing.sh') diff --git a/tests/signing.sh b/tests/signing.sh index 6aafbeb91..74f57966a 100644 --- a/tests/signing.sh +++ b/tests/signing.sh @@ -81,7 +81,7 @@ info=$(nix path-info --store file://$cacheDir --json $outPath2) [[ $info =~ 'cache1.example.org' ]] [[ $info =~ 'cache2.example.org' ]] -# Copying to a diverted store should fail due to a lack of valid signatures. +# Copying to a diverted store should fail due to a lack of trustworthy signatures. chmod -R u+w $TEST_ROOT/store0 || true rm -rf $TEST_ROOT/store0 (! nix copy --to $TEST_ROOT/store0 $outPath) -- cgit v1.2.3