[Etoys] Key generation
Alan Kay
alan.kay at squeakland.org
Fri Oct 20 14:52:55 EDT 2006
How about just putting up an advisory message that says something like:
"This is a one-time pause to generate a special key to ensure
security in Squeak Etoys"
I.e. just tell the end-user what you are doing. This will be
sufficient for this build. (And the division by 5 sounds good.)
Cheers,
Alan
At 11:33 AM 10/20/2006, Yoshiki Ohshima wrote:
> Hello,
>
> > Well, Michael is a bit unsure ;-)
>
> Wow, hehe.
>
> > The key might still be in use for signing projects when publishing.
> > If you download a project that was signed with your own key, the
> > sandbox is not switched on. So having a single key for all users
> > would be bad, because everyone would be trusted. Having no key means
> > everyone would be distrusted, which is what we want I think.
> >
> > We would have to test if projects are still interchangeable between
> > machines with and without key (remember to remove the key from the
> > secure directory). It might be that some file offset changes if the
> > key is taken out.
>
> By looking at the code that guesses the time to generate. It is
>really a guess. An aspect of it is that we can show for B-Test users
>that we honors security, and one time overhead of 90-120 seconds is
>not that bad for that.
>
> I might vote for change the coefficient in the guess expression
>facter of 5 and limit the number display by 99%, and we keep the
>preference on.
>
>-- Yoshiki
>
>
> >
> > - Bert -
> >
> > Am 20.10.2006 um 14:05 schrieb Scott Wallace:
> >
> > > I'll ask Andreas about this later today.
> > >
> > > Meanwhile, perhaps Bert could speak with Michael about it as well.
> > >
> > > Couldn't hurt to have the advice of the world's two leading
> > > authorities on this subject...
> > >
> > > Cheers,
> > >
> > > -- Scott
> > >
> > >
> > > On Oct 19, 2006, at 1:32 PM, Yoshiki Ohshima wrote:
> > >
> > >>> Anyway... it appears that disabling the #automaticKeyGeneration
> > >>> preference keeps the key-generation from happening at start-up, yet
> > >>> still allows publishing and loading projects, and still uses
> > >>> MySqueak
> > >>> as the default directory. Maybe that's all that's needed.
> > >>
> > >> I would think so. Did you try to load a project published from an
> > >> image in a directory into another image in another directory?
> > >>
> > >>> Or perhaps, for this build, would it make sense simply to include a
> > >>> pre-built squeak.keys file alongside the image, and not otherwise
> > >>> tamper with the security settings?
> > >>
> > >> Yeah, I thought about this but I think it adds unnecessary
> > >> complication.
> > >>
> > >> -- Yoshiki
> > >> _______________________________________________
> > >> Etoys mailing list
> > >> Etoys at laptop.org
> > >> http://mailman.laptop.org/mailman/listinfo/etoys
> > >
> > > _______________________________________________
> > > Etoys mailing list
> > > Etoys at laptop.org
> > > http://mailman.laptop.org/mailman/listinfo/etoys
> >
> > _______________________________________________
> > Etoys mailing list
> > Etoys at laptop.org
> > http://mailman.laptop.org/mailman/listinfo/etoys
>_______________________________________________
>Etoys mailing list
>Etoys at laptop.org
>http://mailman.laptop.org/mailman/listinfo/etoys
More information about the Etoys
mailing list