On Sat, Apr 11, 2015 at 01:28:13AM +0200, Loïc Minier wrote: > Yup, but at least we will only request the master Ubuntu password when > connected to the real Ubuntu website rather than passing it to the device > unencrypted; only the allowed token is then passed to the device. Maybe > that token can only access the store, or it can be revoked, but it feel > less of a danger than passing the actual password?
What operations (or which data) would be available to the password that aren't available to the token? Thanks
signature.asc
Description: Digital signature
-- snappy-devel mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snappy-devel
