[Etoys] Key generation
Yoshiki Ohshima
yoshiki at squeakland.org
Fri Oct 20 14:33:29 EDT 2006
Hello,
> Well, Michael is a bit unsure ;-)
Wow, hehe.
> The key might still be in use for signing projects when publishing.
> If you download a project that was signed with your own key, the
> sandbox is not switched on. So having a single key for all users
> would be bad, because everyone would be trusted. Having no key means
> everyone would be distrusted, which is what we want I think.
>
> We would have to test if projects are still interchangeable between
> machines with and without key (remember to remove the key from the
> secure directory). It might be that some file offset changes if the
> key is taken out.
By looking at the code that guesses the time to generate. It is
really a guess. An aspect of it is that we can show for B-Test users
that we honors security, and one time overhead of 90-120 seconds is
not that bad for that.
I might vote for change the coefficient in the guess expression
facter of 5 and limit the number display by 99%, and we keep the
preference on.
-- Yoshiki
>
> - Bert -
>
> Am 20.10.2006 um 14:05 schrieb Scott Wallace:
>
> > I'll ask Andreas about this later today.
> >
> > Meanwhile, perhaps Bert could speak with Michael about it as well.
> >
> > Couldn't hurt to have the advice of the world's two leading
> > authorities on this subject...
> >
> > Cheers,
> >
> > -- Scott
> >
> >
> > On Oct 19, 2006, at 1:32 PM, Yoshiki Ohshima wrote:
> >
> >>> Anyway... it appears that disabling the #automaticKeyGeneration
> >>> preference keeps the key-generation from happening at start-up, yet
> >>> still allows publishing and loading projects, and still uses
> >>> MySqueak
> >>> as the default directory. Maybe that's all that's needed.
> >>
> >> I would think so. Did you try to load a project published from an
> >> image in a directory into another image in another directory?
> >>
> >>> Or perhaps, for this build, would it make sense simply to include a
> >>> pre-built squeak.keys file alongside the image, and not otherwise
> >>> tamper with the security settings?
> >>
> >> Yeah, I thought about this but I think it adds unnecessary
> >> complication.
> >>
> >> -- Yoshiki
> >> _______________________________________________
> >> Etoys mailing list
> >> Etoys at laptop.org
> >> http://mailman.laptop.org/mailman/listinfo/etoys
> >
> > _______________________________________________
> > Etoys mailing list
> > Etoys at laptop.org
> > http://mailman.laptop.org/mailman/listinfo/etoys
>
> _______________________________________________
> Etoys mailing list
> Etoys at laptop.org
> http://mailman.laptop.org/mailman/listinfo/etoys
More information about the Etoys
mailing list