[sldev] 3rd party viewer policy post on blogs.secondlife.com

[Anders Arnholm]

At first over view that idea sound so easy...
But it's it really hard...


On Wed, Oct 21, 2009 at 02:26:41PM -0200, Tigro Spottystripes wrote:
> what I was thinking was that the viewer binary would somehow be signed
> in a way that it could be verified as having been generated by someone
> that has been given a trust key from LL, the exactly how part went down
> the drain kinda
> 
> Mike Dickson escreveu:
> > How does that help validate a viewer is "certified"?  I can see a OTP to
> > validate a user. The point with the GSM example is the source info is
> > "tamper proof."  I don't see that here with a viewer, especially an open
> > source one where source needs to be distributed.
> >
> > On Wed, 2009-10-21 at 15:59 +0000, Anders Arnholm wrote: 
> >   
> >> No the screat are probalt some muchg lnger than allen, it will be
> >> trasforemed with an algoritm.
> >>
> >>     f(SKEY, Challange) 
> >>
> >> Is what are going to be sent,  this to make sure that KEY are not sent
> >> over the net and intercepter by anyone on the internet. The problem some
> >> to the viewer have to be able to make the calculation f(SKEY, Challange)
> >> to make this computation the coputer will need to have both the function
> >> f(k,c) and the SKEY someware. Whan you have both these to pices of
> >> information in one computer figuring out f() and SKEY are a trivial
> >> work.
> >>     
> >
> >
> >
> >   
> 
> 
> -- 
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
> 

-- 
      o_   Anders Arnholm,
 o/  /\    anders at arnholm.se
/|_, \\    http://anders.arnholm.se/
/
`
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.secondlife.com/pipermail/sldev/attachments/20091021/02edea97/attachment.pgp