[sugar] XO identity shared via Browse

Sebastian Silva sebastian at fuentelibre.org
Tue Dec 2 18:45:37 EST 2008 

> I'm less sure, though.  I'd prefer a standard system.
+1

>One interesting
> option is OpenID authentication over Jabber (standardized as XEP-0070),
> e.g. http://openid.xmpp.za.net/.  In this system, OpenID authentication
> requests appear to the user as chat messages.  This means that the
> Identity Provider can live on any jabber server with which the school
> server is federated.  In fact, if we can accept standard chat invitations
> in the UI, we could simply federate the school server with xmpp.za.net and
> declare victory!
Yes and no. Yes, jabber integration will make the GUI better. I'd
suggest resource access requests (authentication is already done via
jabber) NOT show as chat messages of course (even if using XMPP
internally).

>
> Architecturally, this approach is appealing to me because Jabber IDs, not
> SSH pubkeys, are our principal identifiers.  It also gives us the
> flexibility of putting the identity provider almost anywhere.
This is exactly what OpenID is made for.

> If the XO
> runs its own jabber server,
Oh no I would not go there no way! Perhaps it can respond (and
confirm) resource access requests via having a http identity provider,
as suggested in prior message.

> then the identity provider can live on the XO
> or any jabber server with which the XO is federated.
Why on earth would you run a jabber server on your XO?

> An ideal form of this scheme would include creating an implementation of
> XEP-0070 (still standard-compliant) that sends the authentication approval
> request over XMPP in a machine-readable format, to be received by a
> consumer on the XO that approves or denies the request, possibly based on
> some interaction in a special-purpose GUI.
Yes, or perhaps no gui is needed if the point is just to identify the laptop?

> - --Ben
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.9 (GNU/Linux)
>
> iEYEARECAAYFAkk1xM8ACgkQUJT6e6HFtqQYOwCfX94DBVpPikPkvmDGkaXYezgV
> Ql0AoIg7iizkouSv7Ake6856qJT/GqRM
> =SJ0s
> -----END PGP SIGNATURE-----
> _______________________________________________
> Sugar mailing list
> Sugar at lists.laptop.org
> http://lists.laptop.org/listinfo/sugar
>



-- 
Sebastian Silva
Iniciativa FuenteLibre
http://blog.sebastiansilva.com/

More information about the Sugar mailing list