[sugar] XO identity shared via Browse

Luke Faraone luke at laptop.org
Thu Dec 4 21:17:06 EST 2008


On Thu, Dec 4, 2008 at 19:17, Greg Smith <gregsmitholpc at gmail.com> wrote:

> I'm copying in Devel and will drop the sugar list on further replies
> (hope that's the right netiquette in this case...).

(note: I'm not on devel, so please keep me CC'd)


>  > security)   who are the principals?
>  >   what are their goals?
>  >   what attacks concern us?
>
> GS - In general I don't want any other devices to be able to appear to
> be the XO. We can assume that the XS <-> XO is a secure network not
> visible to the outside workd (whether that is true in practice is
> another story). So I moved the encryption and stringent security
> requirements to the optional case where the XO is talking to a non-XS
> server.
>

I'd rather not make that assumption. Some schools may not have a _local_
school server (even dispite our best wishes) or a student may want to access
the server from a non-local connection. The XS, IMHO, should support the
"road warrior" use case (at least for post-registration)


-lf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.laptop.org/pipermail/devel/attachments/20081204/f105e553/attachment.html>


More information about the Devel mailing list