Hello all! I am, together with Pablo Flores, working in preparing EduBlog for deployment in Ceibal (yay!). However, one of the big challenges ahead is deciding on the security infrastructure needed. So I've decided to consult the gurus at server-devel =) .
The problem is not in finding novel or ultra-secure algorithms, but in easily deployable and usable mechanisms. The MAC authentication method, described in earlier threads, is an easy hack, but not very secure (MACs can be spoofed, etc), however I wonder if an auth plugin for moodle with this scheme has been implemented. The other real solution that comes to mind would be TLS (SSL), maybe using the DSA SSH key generated in first-boot? I believe this would involved modifying Browse to use that file, and also gathering the XOs public keys manually and add them to the server, which is a logistic nightmare. I hope I'm wrong in this, could you advise me? Being password-less is one of the key concepts in the XO's design. And rightly so, for both usability reasons, and the logistic problem of handling lost/compromised passwords. So we need to try and stick to it as much as possible. Cheers! -- -Andrés _______________________________________________ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel