Ian Bicking wrote: > By "system-wide", do you mean global, country, or school-wide?
I meant operating-system level. Any application will be able to use a stable API to verify and issue a digsig; each kid will have an (obviously) unique keypair. This provides an emergent PKI based on key continuity management (KCM); it's PKI minus all the really ugly bits that make PKI not work in normal situations, basically. > Something like a client-side SSL certificate Certificates are complex and difficult to manage, and would reintroduce the ugly PKI bits from above that I'm working hard to avoid. But functionally, we'll still be able to do encryption and authentication where it makes sense. > So, if one child is connecting to a laptop they have > connected to before, they can be identified without a connection to any > centralized certificate authority. This is KCM, so yes. -- Ivan Krstić <[EMAIL PROTECTED]> | GPG: 0x147C722D _______________________________________________ Sugar mailing list [email protected] http://mailman.laptop.org/mailman/listinfo/sugar
