On Feb 8, 2009, at 1:04 PM, Luke Faraone wrote:
> It may pose as a legal liability for Sugar Labs, however, as Ivan
> pointed out: Chains of trust represent also a chain of legal
> liability, and whoever is on top is painting a giant "sue me" target
> on their back if anyone below screws up,
Luke,
Take a look at how mozilla handles content at addons.sugarlabs.org.
They have pretty sane way of handling the issue.
The eclipse.org ecosystem has a more ridged yet fairly usable control mechanism.
David
On Mon, Feb 9, 2009 at 12:04 PM, Luke Faraone wrote:
> Walter, (cc'd to list)
>
> The
Walter, (cc'd to list)
There was a recent discussion on #sugar about how to handle authentication
and signatures for library and activity bundles. One of the models we
considered which is most attractive from a ease-of-use and technical
standpoint is that of a centralized "Sugar Labs signing autho