[sldev] 3rd party viewer policy post on blogs.secondlife.com
Anders at Arnholm.se
Wed Oct 21 11:27:04 PDT 2009
At first over view that idea sound so easy...
But it's it really hard...
On Wed, Oct 21, 2009 at 02:26:41PM -0200, Tigro Spottystripes wrote:
> what I was thinking was that the viewer binary would somehow be signed
> in a way that it could be verified as having been generated by someone
> that has been given a trust key from LL, the exactly how part went down
> the drain kinda
> Mike Dickson escreveu:
> > How does that help validate a viewer is "certified"? I can see a OTP to
> > validate a user. The point with the GSM example is the source info is
> > "tamper proof." I don't see that here with a viewer, especially an open
> > source one where source needs to be distributed.
> > On Wed, 2009-10-21 at 15:59 +0000, Anders Arnholm wrote:
> >> No the screat are probalt some muchg lnger than allen, it will be
> >> trasforemed with an algoritm.
> >> f(SKEY, Challange)
> >> Is what are going to be sent, this to make sure that KEY are not sent
> >> over the net and intercepter by anyone on the internet. The problem some
> >> to the viewer have to be able to make the calculation f(SKEY, Challange)
> >> to make this computation the coputer will need to have both the function
> >> f(k,c) and the SKEY someware. Whan you have both these to pices of
> >> information in one computer figuring out f() and SKEY are a trivial
> >> work.
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
o_ Anders Arnholm,
o/ /\ anders at arnholm.se
/|_, \\ http://anders.arnholm.se/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Digital signature
Url : http://lists.secondlife.com/pipermail/sldev/attachments/20091021/02edea97/attachment.pgp
More information about the SLDev