[OLPC Security] Extending theft-deterrence to support delegation.
Morgan Collett
morgan.collett at gmail.com
Fri Jun 13 05:46:32 EDT 2008
On Fri, Jun 13, 2008 at 01:40, C. Scott Ananian <cscott at laptop.org> wrote:
> On Thu, Jun 12, 2008 at 7:27 PM, Michael Stone <michael at laptop.org> wrote:
>> It's sad that we have no good way to specifying groups
>> of serial numbers or delegation to an online S/N authority. Can we do
>> any better there?
>
> I agree (this is the thrust of my response to Chema as well), but I
> feel that it is likely out of scope for this release. Again, I don't
> feel like we can rely on an online authority for this release, and the
> offline mechanisms seem too clumsy to work well.
>
> As a strawman: instead of a serial number in the sig02 format, we use
> an md5 hash. This hash must be the exact hash of a separate file
> listing serial numbers, one per line. Now we just have to maintain
> these files, handle the cases where we add a laptop to the file and
> now have to maintain multiple copies, name them, find them on USB
> keys, etc, etc.
By md5, you meant sha-256, right? :)
> I'd prefer to first tackle the problem I've got a good solution for,
> and defer the "arbitrary sets of serial numbers" case until we can't
> do without it.
Morgan
More information about the Security
mailing list