[sldev] OpenID & SSL certificates

Ryan McDougall ryan at ngigroup.com
Mon Oct 1 18:09:04 PDT 2007


On Mon, 2007-10-01 at 08:36 -0500, Argent Stonecutter wrote:
> On 01-Oct-2007, at 04:19, Ryan McDougall wrote:
> > Of course this brings us back to the original use case, an adulterated
> > client viewer source (where once you access, the game is up no matter
> > what).
> 
> The solution is to not worry about that case, because unless you're  
> using an Orange Book class B trusted computer system with mandatory  
> access control at every level (and you'd have to port SL to it first,  
> because it's unlikely to run on one as is), it doesn't matter whether  
> you're using the official viewer or a third party viewer... as soon  
> as you use any software other than that distributed by the OS vendor  
> or Linden Labs the game is up no matter what.

Most Linux distros ship SELinux enabled. I don't know if that's
technically "orange book", but it's a sight better than the old-fashioned
naive UNIX you describe. If MS refuses to ship a similar solution it's
really beyond the scope of this discussion.

While you're definitely right, there is more than one way to attack a
crypto binary from a compromised SL viewer, the point is, as I said, the
problem isn't necessarily "solved" so much as it reduces to a problem of
OS or crypt-system security, which at the very least takes it off our
plate.

This, IMO, was LL's intention in trying to offload the work to Mozilla --
not because Moz is leet security, but because it's something for Mozilla
et al to worry about.

Cheers,


