The OLPC public key will be pre-installed on the laptop. This lets a child know that a new build is official, and can be trusted. The say is true of each parent country, their public key(s?) will be pre-installed for safe verification of content.
<br><br>When a child writes/forks an activity, they are able to share that over the mesh to only their friends initially (or rather, that the automatic distribution happens that way, am I mistaken?). Since public/private keys are done from boot, it is logical to assume that each activity released over the mesh would be signed by the child that wrote it, as well.
<br><br>Couple questions:<br><br>A child installs/accepts another child's public key when they become friends, yes?<br>How do non-local developers get their keys deployed easily. For instance, the Open Source Lab has worked on activities, and will continue to. Something like "Watch & Listen" might be signed by OLPC (or not), but less common/official activities likely won't be. How would children be able to accept the Lab's key, to streamline the process? Is it on the first-run of an OSL-signed activity? Are general developers (not official, not personal friends of a user) not going to sign their keys by default?
<br clear="all"><br>-- <br>Michael Burns * Open Source Lab<br> Oregon State University