Token based access restriction

Contents

Token based access to repositories of files on maemo.org

Use cases

Alternate Distribution

Story: Alice has created an alternate distribution for the her device, but in order to fully take advantage of the hardware, she needs to use some proprietary binary drivers that only the hardware vendor has the right to redistribute. Now she wants to provide her distribution to users.

She needs: a way to upload fs images that include proprietary binary drivers.

Maemo Remix

Story: Bob wants to fix some bugs the open source parts of Maemo 4 and distribute a complete flashable image. Because he's replacing system libraries he can't distribute his fixes through extras.

He needs: a way to upload an fs image that includes proprietary binary drivers as well as user-level applications that originally came with the device, such as Adobe Flash and "Map."

User of Alice's AlternateDistro or Bob's MaemoRemix

Story: Claire has an N800 and wants to try out Alice's AlternateDistro and Bob's MaemoRemix.

She needs: a way to provide a token that proves she has a device from the hardware vendor and thus has the rights to access the proprietary binaries included in the downloads provided by Alice and Bob.

Proposal:

Part 1

Create a section of the site that can only be accessed through a unique token. Users would be able to access this section of the site by submitting a serial number that uniquely identifies their device (such as the WLAN MAC address or BT MAC address) and then agreeing to an EULA. This serial number would be used to generate a permanent token (maybe an MD5 hash) that they could use to download files that are only licensed to be distributed to people who own such a device. If the token generated for the user was "SDFKJSDFHDSF" then the structure of the URL would (conceptually) look something like this: http://maemo.org/hw_vendor-closed/N800/SDFKJSDFHDSF/N8x0-3D-drivers.tar.gz

Part 2

Allow developers to distribute complete OS images that include the hardware vendor's "closed" binaries, by letting them upload these images to a subsection of the "token protected" area of the site. If necessary, users could request their own subsection, under which they could create as many sub-directories as necessary, and this could be granted on a case by case basis by someone inside the hardware vendor. If Alice (the developer mentioned above) uploads a new image of her distribution to her own section, the resulting URL for that image could look something like this: http://maemo.org/hw_vendor-closed/N800/SDFKJSDFHDSF/~Alice/AD1/AlternateDistro.img