On Sun, 2006-09-03 at 00:35 -0400, Ivan Krstić wrote: > Ian Bicking wrote: > > By "system-wide", do you mean global, country, or school-wide? > > I meant operating-system level. Any application will be able to use a > stable API to verify and issue a digsig; each kid will have an > (obviously) unique keypair. > > This provides an emergent PKI based on key continuity management (KCM); > it's PKI minus all the really ugly bits that make PKI not work in normal > situations, basically.
Can we have a meeting about the direction of this, specs, APIs, etc? Dan > > Something like a client-side SSL certificate > > Certificates are complex and difficult to manage, and would reintroduce > the ugly PKI bits from above that I'm working hard to avoid. But > functionally, we'll still be able to do encryption and authentication > where it makes sense. > > > So, if one child is connecting to a laptop they have > > connected to before, they can be identified without a connection to any > > centralized certificate authority. > > This is KCM, so yes. > _______________________________________________ Sugar mailing list [email protected] http://mailman.laptop.org/mailman/listinfo/sugar
