Ivan Krstić wrote:
Martin Langhoff wrote:
- Identity mgmt. How does the OS deal with user accounts, student
identities and is there any way to assert that identity to a server?
Identity will be detailed in an upcoming spec, but the basic idea is
that there will be an API to a system-wide identity service that can
verify and issue digital signatures.
By "system-wide", do you mean global, country, or school-wide? Will the
browser effectively get a certificate (and thus the laptop and
presumably the student who has a 1-to-1 relationship with the laptop?)
Something like a client-side SSL certificate, though I don't know if SSL
itself would be used. (Isn't it possible to do unencrypted SSL? I
imagine the CPU overhead of SSL could be a problem)
So, basically, we then get a trusted identity for the student/laptop,
but alone it doesn't give us any information about the student. There's
a privacy issue there; does the student have to confirm if they will be
identified? Do we allow multiple identities on a single laptop?
Aliases and pseudonyms are one of the better ways to do anonymous
communication, as it's pretty easy for the user to understand, and it's
applicable anywhere a login is required.
If it is SSL, then this could extend to any communications between
laptops. Would it rely on caching information to be able to identify
while offline? So, if one child is connecting to a laptop they have
connected to before, they can be identified without a connection to any
centralized certificate authority.
--
Ian Bicking | [EMAIL PROTECTED] | http://blog.ianbicking.org
_______________________________________________
Sugar mailing list
[email protected]
http://mailman.laptop.org/mailman/listinfo/sugar
