[GSoC] Proposal: Authentication for scripted plasmoid downloaded from the web
Chani
chanika at gmail.com
Sun Apr 4 19:56:42 CEST 2010
On April 4, 2010 06:39:10 Diego Casella ([Po]lentino) wrote:
> Hi guys,
> sorry for being late, however here it is my proposal for this summer of
> code.
> Since, during PlasMate development, we talked a bit about the possibility
> to verify the plasmoids downloaded from kde-look.org or opendesktop.org, I
> think about it for a while and I came whit the idea to improve
> plasmaengineexplorer (plus plasmapkg and PlasMate, if there wil be enough
> time) in order
I assume you mean plasma *widget* explorer ;)
> to use the QCA api to provide plasmoids authentication. Here it is my
> implementation details (see the full proposal here
> http://socghop.appspot.com/gsoc/student_proposal/private/google/gsoc2010/di
> ego_casella/t127038771188 ):
psst. only mentors have access to that page - note the "private" in the url :)
I suggest you upload your proposal somewhere public as well.
>
> My idea is to use the QCA framework in order to verify the signature of the
> plasmoids downloaded from kde-look.org, opendesktop.org, or installed with
> plasmapkg/PlasMate. This will require patching the plasma widgetexplorer
> and plasmapkg (and also PlasMate in order to support the package signing
> process, if time permits that).
yay! :)
I kinda wish this was going into GHNS itself... but I guess you have to
download the widget before you can check the signature, unless the server
tells you what the security rating is.
--
This message brought to you by eevil bananas and the number 3.
www.chani3.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
Url : http://mail.kde.org/pipermail/plasma-devel/attachments/20100404/a2246e01/attachment.sig
More information about the Plasma-devel
mailing list