<a href="http://boblord.livejournal.com/18402.html">http://boblord.livejournal.com/18402.html</a> <br><br><div class="gmail_quote">On Tue, Feb 10, 2009 at 1:20 PM, Martin Langhoff <span dir="ltr"><<a href="mailto:martin.langhoff@gmail.com">martin.langhoff@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">On Wed, Feb 11, 2009 at 4:57 AM, Simon Schampijer <<a href="mailto:simon@schampijer.de">simon@schampijer.de</a>> wrote:<br>
>> Thoughts? Opinions? Code?<br>
>><br>
>> cheers,<br>
><br>
> I wonder if it would not be best to generate a cert per user when we<br>
> authenticate the first time with the XS and add this then to the cert8.db in<br>
> the profile. This works fine - rainbow wise - as we do this already for the<br>
> OLPC - Root CA.<br>
<br>
How do we<br>
<br>
- get the cert of the XS ahead of time and mark it as trusted to<br>
avoid the "self-signed cert bad!" screen?<br>
<br>
- give the XS our cert so it knows who we are?<br>
<br>
see the 'Plan A' (in my opening post) for further notes.<br>
<br>
<br>
<br>
m<br>
--<br>
<a href="mailto:martin.langhoff@gmail.com">martin.langhoff@gmail.com</a><br>
<a href="mailto:martin@laptop.org">martin@laptop.org</a> -- School Server Architect<br>
- ask interesting questions<br>
- don't get distracted with shiny stuff - working code first<br>
- <a href="http://wiki.laptop.org/go/User:Martinlanghoff" target="_blank">http://wiki.laptop.org/go/User:Martinlanghoff</a><br>
_______________________________________________<br>
Sugar-devel mailing list<br>
<a href="mailto:Sugar-devel@lists.sugarlabs.org">Sugar-devel@lists.sugarlabs.org</a><br>
<a href="http://lists.sugarlabs.org/listinfo/sugar-devel" target="_blank">http://lists.sugarlabs.org/listinfo/sugar-devel</a><br>
</blockquote></div><br><br clear="all"><br>-- <br>"It is difficult to get a man to understand something, when his salary depends upon his not understanding it." -- Upton Sinclair<br>