On Wed, Dec 10, 2008 at 09:56:39AM -0200, Marcel Renaud wrote: >Thanks a lot for your answers. > >Yes, I think a shared credentials are the best way. > >Basically we want to offer a service just for the Xos and are working now on >the authentication model. >We are going to use webservices with >WSS<http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss> >and place a signed key on each XO that is going to use the service, to >authenticate with the webservice provider.
Marcel, Is it important to keep the credential(s) secret? If so: * why? * for how long? * against what attack(s)? * how? * if (when) they leak, what next? Also, what are the incentives for keeping the credentials secret? for publishing them? Regards, Michael _______________________________________________ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel