On Tue, Dec 02, 2008 at 03:56:06PM -0500, Greg Smith wrote:

> We're mostly thinking of the school server as the server side but a
> more generic solution may be acceptable.

I'm relatively comfortable with our vague identity plans for the XS but
I'd like to know more about your idea for "a more generic solution"
before going further in that direction.

>That's one example. I would also like any Web server to be able to 
>extract the XO identity and use it in CGI (e.g. PHP) for processing.

"What could possibly go wrong?" -- anonymous.

>I put a stub of a requirement for it on our roadmap here:

This seems decent so far.

>Do you have any ideas or designs for how we can achieve that?

We discussed it at SugarCamp. The essential idea from that discussion
was to have the XO and the XS exchange certs at registration time so
that they can later prove their identities to one another on demand.

The tricky bits involve scope, security, users, and maintenance:

   what are we proving identity to? e.g.:
      one single XS, ever.
      one single XS, whichever we're currently registered with
      several servers at once
      other XOs
   what software, on the XO, should be responsible for proving identity?
      if Browse, how does Browse talk to the registration code?
      if Browse, what about Gmail, Help, WikiBrowse, ...
      if something else, how does the something else talk to Browse?
   when should we make use of an ability to prove user identity?

   who are the principals?
   what are their goals?
   what attacks concern us?

   what do we do if something looks wrong?
      fail silently?
      log an error somewhere?
      fail loudly?
      are there any user overrides?
   can I turn this off?
   can I have multiple identities?
   can I share my identity with someone else?

   what happens if the user loses their laptop and gets a new one?
   what happens if the server breaks and a new one is installed?
   what happens if I move from an old school to a new one?
   what happens when the XO's software is upgraded? downgraded?


Sugar mailing list

Reply via email to