[sugar] XO identity shared via Browse

Martin Langhoff martin.langhoff at gmail.com
Tue Dec 2 17:42:46 EST 2008


On Tue, Dec 2, 2008 at 8:19 PM, Sebastian Silva
<sebastian at fuentelibre.org> wrote:
>> That's a different model. We want the openID _provider_ to be either on the
>> laptop itself or on the school server. Since the _server_ has a changing
>> FQDN, this becomes harder. The solution would be to propose a change to the
>> protocol or register the school servers' domains (or subs) with a Dynamic DNS
>> provider.
>>
> Now we are talking, this is only a technical problem.

Hi! We've discussed openid several times on this list -- do google the
archives for the full argument :-) --

It's reasonably likely that the XS will be an OpenID IDP (noting all
the serious caveats around OpenID that make it a phishing-magnet), but
_first_ the laptop needs to identify itself to the XS.

So we are talking about that first step. As you've spotted, we can't
use openID there. The plans that seem viable, after a lot of
consideration, are

 - A backchannel call using SSH - Browse.xo when connecting to
something that looks like the XS will trigger an ssh connection to the
server, grab a one-time-use token over the ssh connection and use it
to prove its identity over http.

 - A challenge-response call using the fact that the XS knows the
public SSH key of the XO. So Browse could request a special url, the
XS responds with a random string that the XO has to sign with its key
and posts it back to the XS - which can verify the sig.

Once that step happens, the XS hands a cookie to the XO (the process
above is fairly expensive!). From that point onwards, we are
vulnerable to spoofing unless we switch to https (which we will
eventually do, but right now is very complicated for a long list of
reasons).

If we could switch to https easily, we could skip all this song and
dance and just use client certs.

cheers,

m
-- 
 martin.langhoff at gmail.com
 martin at laptop.org -- School Server Architect
 - ask interesting questions
 - don't get distracted with shiny stuff
 - working code first
 - http://wiki.laptop.org/go/User:Martinlanghoff
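The challenge-response step described in the message (XS sends a random string, the XO signs it with the key the XS already knows, the XS verifies), written out as an added example; this is not code from the Sugar or XS projects. It assumes Ed25519 keys as a stand-in for the XO's SSH key, and an XS name of "schoolserver.local" as a constructed value; the nonce is bound to that name and consumed on first use so a captured response cannot be replayed at the same or another server.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
)
// XS side: public keys learned at registration and, per XO, the one nonce
// currently outstanding. (Single-threaded demo, so no locking.)
type XS struct {
	name    string
	keys    map[string]ed25519.PublicKey
	pending map[string][]byte
}
func NewXS(name string) *XS {
	return &XS{name: name, keys: map[string]ed25519.PublicKey{}, pending: map[string][]byte{}}
}

// Register records an XO's public key, the same key the XS trusts for SSH.
func (s *XS) Register(xoID string, pub ed25519.PublicKey) { s.keys[xoID] = pub }

// Challenge answers the "special URL": a fresh random nonce for this XO.
func (s *XS) Challenge(xoID string) ([]byte, error) {
	if _, ok := s.keys[xoID]; !ok {
		return nil, errors.New("unknown XO")
	}
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	s.pending[xoID] = nonce
	return nonce, nil
}

// toSign binds the nonce to the server name, so a response produced for one
// XS is not valid at another.
func toSign(xsName string, nonce []byte) []byte {
	return append([]byte("xs-auth-v1|"+xsName+"|"), nonce...)
}

// Verify checks the posted signature and consumes the nonce, so a captured
// response cannot be replayed.
func (s *XS) Verify(xoID string, sig []byte) bool {
	nonce, ok := s.pending[xoID]
	delete(s.pending, xoID)
	return ok && ed25519.Verify(s.keys[xoID], toSign(s.name, nonce), sig)
}

// XO side: sign the server-bound challenge with the laptop's private key.
func XOSign(priv ed25519.PrivateKey, xsName string, nonce []byte) []byte {
	return ed25519.Sign(priv, toSign(xsName, nonce))
}
```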