Hi Alan,
Andrew, given your experience what security measures will be necessary for these keys? Will there be a need for some elaborate security process or a simple trusted Keymaster to keep track of the keys?
I wouldn't say there are any security measures per se. It is more a matter of managing, so a keymaster or similar would be sufficient. Basically it is a matter of having some unit responsible for the generation of the keys, and also keeping track of what keys are for what service. When a user makes a post using the key, it would display as coming from "$SERVICE on openSUSE" or similar. So ultimately openSUSE needs to know what services and what apps using their key are. It is a subtle form of marketing, as an example Ubuntu replaced the API key in Gwibber (social network client for GNOME) with their own key and it displays as posted from "Ubuntu"; Fedora have done something similar and it displays as "Fedora-Gwibber" or similar. Regards, Andy -- Andrew Wafaa IRC: FunkyPenguin GPG: 0x3A36312F openSUSE: Get It, Discover It, Create It at http://www.opensuse.org -- To unsubscribe, e-mail: opensuse-project+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-project+help@opensuse.org