| *** AlisonChaiken has quit IRC | 00:47 | |
| *** toscalix has joined #trustable | 01:42 | |
| *** toscalix has quit IRC | 03:14 | |
| *** AlisonChaiken has joined #trustable | 05:44 | |
| *** ctbruce has joined #trustable | 08:59 | |
| *** ctbruce has quit IRC | 09:15 | |
| *** ctbruce has joined #trustable | 09:19 | |
| *** sambishop has quit IRC | 10:29 | |
| *** sambishop has joined #trustable | 10:47 | |
| *** toscalix has joined #trustable | 12:31 | |
| *** toscalix has quit IRC | 14:08 | |
| *** toscalix has joined #trustable | 14:28 | |
| *** pedroalvarez is now known as ironfoot | 14:35 | |
| *** toscalix has quit IRC | 15:37 | |
| *** AlisonChaiken has quit IRC | 15:59 | |
| *** ctbruce has quit IRC | 16:10 | |
| *** AlisonChaiken has joined #trustable | 16:52 | |
| *** toscalix has joined #trustable | 19:48 | |
| *** toscalix has quit IRC | 19:51 | |
| *** paulsherwood has joined #trustable | 20:31 | |
| paulsherwood | https://www.openchain.org | 20:31 |
|---|---|---|
| * persia wonders about how to apply that to trustable | 21:35 | |
| persia | Some ideas: | 21:35 |
| persia | 1) Record any merge to any branch in git in an organisation-specific ledger (covering multiple branches in multiple repos), to provide some assurance of continuous history | 21:36 |
| persia | 2) Record build results against a set of source trees, to provide some assurance that a given build was produced by a given set of sources | 21:37 |
| persia | 2) Record test runs against against a set of build results, so the ledger can validate if tests were run vs. spoofing of review data consumed by the gatekeeper. | 21:37 |
| persia | Err, that should have been (3) | 21:38 |
| persia | 4) Record deployments (with identified build artifacts) to provide assurance that a given deployment originally contained some state | 21:38 |
| persia | 5) Record orchestration activities for some assurance of what was supposed to happen in some deployment | 21:39 |
| * persia doesn'T have any more ideas immediately, but hopes some other folk can suggest some things: blockchain ledgers are cool and fun, but don't actually solve everything. | 21:40 | |
| persia | Hrm. Openchain seems to assume every transaction has a value. Maybe it needs more playing about to determine how to set up a single-account authenticated ledger where the text content is important, rather than the value. | 21:43 |
| * paulsherwood is unsure about openchain... it was mentioned by WR in the context of establishing a 'supply chain envelope' with ledgers | 21:45 | |
| persia | Modeling a supply chain as a set of accounts with transactions (and distributed assertion of transactions) is a nice way to deal with any later disputes about the history of what happened. It is also a good method to easily permit triggers by automation ("When I get paid, I take this action until I run out of currency" is fairly easy to implement), but I haven't learned enough about openchain to understand if it can handle transactions more | 22:37 |
| persia | complicated than simple transfer of value between accounts. | 22:37 |
| *** sambishop has quit IRC | 22:42 | |
| *** dabukalam has quit IRC | 22:46 | |
| *** sambishop has joined #trustable | 22:49 | |
| *** dabukalam has joined #trustable | 22:52 | |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!