Token based access restriction

(Proposal:)
(Part 1)
Line 18: Line 18:
== Proposal: ==
== Proposal: ==
=== Part 1 ===
=== Part 1 ===
-
Create a section of the site that can only be accessed through a unique token. Users would be able to access this section of the site by submitting a serial number that uniquely identifies their device (such as the WLAN MAC address or BT MAC address). This serial number would be used to generate a permanent token (maybe an MD5 hash) that they could use to download files that are only licensed to be distributed to people who own such a device. If the token generated for the user was "SDFKJSDFHDSF" then the structure of the URL would (conceptually) look something like this: http://maemo.org/nokia-closed/N800/SDFKJSDFHDSF/N8x0-3D-drivers.tar.gz
+
Create a section of the site that can only be accessed through a unique token. Users would be able to access this section of the site by submitting a serial number that uniquely identifies their device (such as the WLAN MAC address or BT MAC address) and then agreeing to an EULA. This serial number would be used to generate a permanent token (maybe an MD5 hash) that they could use to download files that are only licensed to be distributed to people who own such a device. If the token generated for the user was "SDFKJSDFHDSF" then the structure of the URL would (conceptually) look something like this: http://maemo.org/nokia-closed/N800/SDFKJSDFHDSF/N8x0-3D-drivers.tar.gz
=== Part 2 ===
=== Part 2 ===
Allow developers to distribute complete OS images that include Nokia "closed" binaries, by letting them upload these images to a subsection of the "token protected" area of the site. If necessary, users could request their own subsection and this could be granted on a case by case basis by someone inside Nokia. If Alice (the developer mentioned above) uploads a new image of her distribution to her own section, the resulting URL for that image could look something like this: http://maemo.org/nokia-closed/N800/SDFKJSDFHDSF/~Alice/AlternateDistro.img
Allow developers to distribute complete OS images that include Nokia "closed" binaries, by letting them upload these images to a subsection of the "token protected" area of the site. If necessary, users could request their own subsection and this could be granted on a case by case basis by someone inside Nokia. If Alice (the developer mentioned above) uploads a new image of her distribution to her own section, the resulting URL for that image could look something like this: http://maemo.org/nokia-closed/N800/SDFKJSDFHDSF/~Alice/AlternateDistro.img

Revision as of 10:17, 30 September 2009

Contents

Token based access to repositories of files on maemo.org

Use cases

Alternate Distribution

Story: Alice has created an alternate distribution for the Nokia Internet Tablets, but in order to fully take advantage of the hardware, she needs to use some proprietary binary drivers that only Nokia has the right to redistribute. Now she wants to provide her distribution to users.

She needs: a way to upload fs images that include Nokia binary drivers.

Maemo Remix

Story: Bob wants to fix some bugs the open source parts of Maemo 4 and distribute a complete flashable image. Because he's replacing system libraries he can't distribute his fixes through extras.

He needs: a way to upload an fs image that includes Nokia binary drivers as well as user-level applications that originally came with N8x0, such as Adobe Flash and "Map."

User of Alice's AlternateDistro or Bob's MaemoRemix

Story: Claire has an N800 and wants to try out Alice's AlternateDistro and Bob's MaemoRemix.

She needs: a way to provide a token that proves she has a Nokia Internet Tablet and thus has the rights to access the Nokia binaries included in the downloads provided by Alice and Bob.

Proposal:

Part 1

Create a section of the site that can only be accessed through a unique token. Users would be able to access this section of the site by submitting a serial number that uniquely identifies their device (such as the WLAN MAC address or BT MAC address) and then agreeing to an EULA. This serial number would be used to generate a permanent token (maybe an MD5 hash) that they could use to download files that are only licensed to be distributed to people who own such a device. If the token generated for the user was "SDFKJSDFHDSF" then the structure of the URL would (conceptually) look something like this: http://maemo.org/nokia-closed/N800/SDFKJSDFHDSF/N8x0-3D-drivers.tar.gz

Part 2

Allow developers to distribute complete OS images that include Nokia "closed" binaries, by letting them upload these images to a subsection of the "token protected" area of the site. If necessary, users could request their own subsection and this could be granted on a case by case basis by someone inside Nokia. If Alice (the developer mentioned above) uploads a new image of her distribution to her own section, the resulting URL for that image could look something like this: http://maemo.org/nokia-closed/N800/SDFKJSDFHDSF/~Alice/AlternateDistro.img