[Sugar-devel] [Tecnologia] Async schoolserver registration for F11-0.88

[Daniel Drake]

On 1 July 2010 20:07, Bernie Innocenti <bernie at codewiz.org> wrote:
> What's the attack vector you're thinking about? Playing dirty tricks
> with DHCP and DNS on the LAN? Sadly true for many clients in many
> LANs...

Child connects to a network, perhaps just to go online outside of
school. The network has an XS. The laptop registers. The journal is
backed up to the server.

> Wouldn't this also affect the manual registration case?

That's true but it's unlikely that the child would try to register
outside of school.

I think the current XO-XS communication is secure enough in the places
where it needs to be. But registration indeed is a big problem and it
could do with a rethink which would probably involve some kind of
key-based auth to achieve the best results in terms of user
experience.

Daniel