On Fri, Oct 3, 2008 at 7:22 PM, Andrés Ambrois <[EMAIL PROTECTED]> wrote: > I am, together with Pablo Flores, working in preparing EduBlog for > deployment in Ceibal (yay!). However, one of the big challenges ahead is > deciding on the security infrastructure needed. So I've decided to consult the > gurus at server-devel =) .
Hola Andres! - What's your timeframe? - Are the Ceibal machines registering with the Ceibal servers in any way? > The other real solution that comes to mind would be TLS (SSL), maybe using > the DSA SSH key generated in first-boot? I believe this would involved > modifying Browse to use that file, and also gathering the XOs public keys > manually and add them to the server, which is a logistic nightmare. I hope I'm > wrong in this, could you advise me? That is one of the paths we are exploring :-) with an additional tweak to the 'register' action that retrieves the self-signed cert of the server on the XO as a trusted cert, and gives the XS the cert of the XO. This of course needs a change in the register API - (minor) code changes on the XO core Sugar libs and in Browse. cheers, m -- [EMAIL PROTECTED] [EMAIL PROTECTED] -- School Server Architect - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff _______________________________________________ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel