Le , Ian Clarke <[email protected]> a écrit :
On Fri, Nov 19, 2010 at 3:22 PM, Matthew Toseland
[email protected]> wrote:
> What we could do is:
> - either, having several identities tied to an account (so once the
> account is logged in, no need for a password for the identity, just
> choose which one you want to use); so, with this we have a separation
> between the account (1 per real user) and the identities (several per
> real user).
Okay so you log in with a password (and possibly a username), and then
you switch between different identities.
I know, then we can build some kind of system that remembers people's
passwords so that they don't have to use a password - genius! Or, we
simply don't require passwords in the first place. We are supposed to be
making Freenet easier to use, not figuring out new ways to throw
obstacles in people's way.
Good point. Without the sarcasm, it would have been even better, but well...
So, here is what I propose: right now, we ask for the name of the node's
owner in the wizard (do we still do that?). Instead of that, we could ask
the user to create a new identity, and ask if they want a password for that
identity or not.
If the user choose to not have a password, we just log this identity by
default. Later on, he can choose to add a password to that identity if he
wants to secure it. He can also choose to add new identities, which we then
present on a dropdown list on the right of the "menu" (right where we show
the identity currently logged in). This identity can have a password too.
If it has a password, we encrypt all the information of that identity
(bookmarks, messages, and so on).
The remaining problem is: how do we integrate the "master" password which
encrypts the datastore and so on?
One way to do that would be to have separate datastores etc. by identities.
We run by default all the things that are required by the identities
without password, and only run the things that are required by the secure
identities once they're logged in. This means we should have a way to
present the users all the identities currently logged in, so he can log out
the identities he doesn't want to run.
It makes a bit difficult to manage bookmarks if we tie them up with
identities (we can display all the bookmarks of the identities logged in,
but in case we have several identities, with some of them logged out, it
can be a bit difficult to remember which identity store the specific
bookmark we want to visit right now), but I don't see another way if we
don't use accounts.
Is that better?
Ian.
--
Ian Clarke
CEO, SenseArray
Email: [email protected]
Ph: +1 512 422 3588
_______________________________________________
Devl mailing list
[email protected]
http://freenetproject.org/cgi-bin/mailman/listinfo/devl
