Re: XO-1 developer key does not work

Mon, 14 Mar 2011 17:03:24 -0700 

Sridhar -

Yes, that's correct.  Multiple valid keys weakens security, since the same 
rights can be obtained from multiple sources.

Handling your own key-issuing authority is something we fully support, but it 
is a complex and substantial undertaking.  It requires a reasonable commitment 
to both initial and ongoing staffing infrastructure on your end.  I won't 
advise you not to consider it, but if you're considering it you should take it 
very seriously.

That is particularly true if you are interested in replacing OLPC's various 
keys with your own (rather than adding to them).  If you do so you can get 
yourself into situations in which no one else can help you.  The very 
well-organized and professional team at Plan Ceibal (who replace OLPC's keys 
with their own) have had a few difficulties in the field.  It's also important 
to realize that you'll need to provide support to Quanta's manufacturing team.  
Sometimes laptops require reworking due to test failures, and that can require 
them to be unlocked; if they're not using OLPC's keys you'll have to be able to 
provide those keys yourself.

        - Ed


On Mar 14, 2011, at 7:46 PM, Sridhar Dhanapalan wrote:

> On 14 March 2011 10:58, James Cameron <qu...@laptop.org> wrote:
>> On Sat, Mar 12, 2011 at 03:46:02PM +1100, Sridhar Dhanapalan wrote:
>>> There are three main questions raised by this process:
>>>   [...]
>>>   3. why must I wait 24 hours to get the developer key?
>> 
>> Presuming you are asking about an OLPC developer key rather than a
>> deployment developer key ... the delay is to allow time for the laptop
>> to be reported to OLPC as stolen.
> 
> If an XO has both the OLPC and our own deployment developer keys,
> would it be correct to say that it can receive a developer key from
> either OLPC or us?
> 
> Hence, an XO theft must be reported to both OLPC and OLPCAU?
> 
> Sridhar
> _______________________________________________
> Devel mailing list
> Devel@lists.laptop.org
> http://lists.laptop.org/listinfo/devel

_______________________________________________
Devel mailing list
Devel@lists.laptop.org
http://lists.laptop.org/listinfo/devel

Reply via email to