<br><br><div class="gmail_quote">On Thu, Dec 11, 2008 at 5:37 AM, John Gilmore <span dir="ltr"><<a href="mailto:gnu@toad.com">gnu@toad.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">> Basically we want to offer a service just for the Xos and are working now on<br>
> the authentication model.<br>
<br>
</div>Why would you want to offer a service just for machines by one manufacturer?<br>
<br>
If a kid has an XO and also has a Mac, do you want your service to<br>
refuse to run on their Mac? If so, why? It seems to me like shooting<br>
the messenger. Why would you fail to provide service to someone who<br>
only had a Windows machine, or a Fedora machine that didn't happen to<br>
be an XO? What about an Ubuntu machine that DOES happen to be an XO,<br>
does it qualify?</blockquote><div> </div><div>I don't think you get the full picture of how things are here in Uruguay. <br>Our target users will be kids with and XO and 98% of them don't have another computer. They don't have an internet connection at home, so I doubt there is ONE of them that has a MAC. <br>
<br>Apart from that, it is not that I want to block every other hardware of software, it is just a way of restricting the use to kids in the Plan Ceibal(Olpc implementation in Uruguay) in order to make it commercially viable. This will be a service that many companies will have expenses to have it functioning and it is meant to be free just for those kids on plan Ceibal.<br>
</div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> And are you sure that next year's XO software and<br>
hardware will continue to meet your test? Ultimately, what "is" an<br>
XO, for your purposes? Would an XO not running Sugar still be an XO?<br>
Do you even know whether you *want* next year's XO to work with your<br>
service, or not?</blockquote><div> </div><div>I don't know if you read my last email but we aren't going to restrict the use to just kids with XO by testing against hardware or software on the XO. We will by installing a signed certificate on each XO. This is a much safer way atought it adds complexity to the deployment.<br>
We are going to use a shared certificate authority scheme following the OASIS WSS standard. <br></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
It's far better to make your system depend on the presence of<br>
*features* that you depend on. If it needs a Python client, then ok,<br>
it doesn't run on machines without Python. X Window System<br>
dependency, ok, it's clear that Mac and Windows users will have to go<br>
an extra mile to use it. Test for features you actually need! Then<br>
don't add extra tests for random features (like /ofw/model) that you<br>
DON'T actually need.</blockquote><div><br>Our client app does depend on X, python and and some other libs inside the XO <br></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
<br>
Almost all the schemes I see like this are poorly thought through --<br>
like most vendors' DRM systems (the sort where they decommission the<br>
key server after a few years, then are surprised at the public<br>
protest, then change their mind). Perhaps yours is not, but that<br>
would be noteworthy.</blockquote><div><br>Thanks for your comments John <br></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><font color="#888888"><br>
John<br>
</font></blockquote></div><br>