The OLPC public key will be pre-installed on the laptop. This lets a child know that a new build is official, and can be trusted. The say is true of each parent country, their public key(s?) will be pre-installed for safe verification of content.
When a child writes/forks an activity, they are able to share that over the mesh to only their friends initially (or rather, that the automatic distribution happens that way, am I mistaken?). Since public/private keys are done from boot, it is logical to assume that each activity released over the mesh would be signed by the child that wrote it, as well. Couple questions: A child installs/accepts another child's public key when they become friends, yes? How do non-local developers get their keys deployed easily. For instance, the Open Source Lab has worked on activities, and will continue to. Something like "Watch & Listen" might be signed by OLPC (or not), but less common/official activities likely won't be. How would children be able to accept the Lab's key, to streamline the process? Is it on the first-run of an OSL-signed activity? Are general developers (not official, not personal friends of a user) not going to sign their keys by default? -- Michael Burns * Open Source Lab Oregon State University
_______________________________________________ Sugar mailing list [email protected] http://mailman.laptop.org/mailman/listinfo/sugar
