[IAEP] Activity Authentication - Questions about legal liability

Luke Faraone luke at faraone.cc
Sun Feb 8 13:04:11 EST 2009

Previous message: [IAEP] using the insert function block in turtle art
Next message: [IAEP] Activity Authentication - Questions about legal liability
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Walter, (cc'd to list)

There was a recent discussion on #sugar about how to handle authentication
and signatures for library and activity bundles. One of the models we
considered which is most attractive from a ease-of-use and technical
standpoint is that of a centralized "Sugar Labs signing authority" which
would give trusted developers the ability to digitally sign activities
posted on addons.sl.o as Untampered, Safe, and Trusted.

This is a Good Thing(tm), because it allows the user to verify that his
documents are not modified in transit, that they are fairly accurate,
etcetera.

It may pose as a legal liability for Sugar Labs, however, as Ivan pointed
out: Chains of trust represent also a chain of legal liability, and whoever
is on top is painting a giant "sue me" target on their back if anyone  below
screws up, gives incorrect information, or information that's used
incorrectly.

Could ask your contacts at the SFLC to assess SL's liability in this
situation?

-- 
Luke Faraone
http://luke.faraone.cc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.sugarlabs.org/archive/iaep/attachments/20090208/85916c30/attachment.htm

Previous message: [IAEP] using the insert function block in turtle art
Next message: [IAEP] Activity Authentication - Questions about legal liability
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the IAEP mailing list