Main options / variables

• Augment or Replace OLPC keys
• Delivery Chain Security
• Time-based activation + active kill

to do: Summarize the top level concerns

Simple Scenario: Delivery Chain Security and Signed Software

Preparations

• Generate country keys
• Setup an offline signing machine
• Load keys on signing machine
• Prepare and sign custom OS image
• Handle first shipment

With each shipment:

• Load data from Quanta to signing machine
• Associate SNs to schools
• Generate activation keys (universal, per school)

On every OS update

• Sign OS / kernel / initrd / OFW images

Other:

• If transitioning from OLPC keys, OLPC will provide a keyjector
• Setup a formal workflow for developer key requests
• Generate

Advanced Scenario: Time-based Activation + Active Kill

Preparations

• Generate country keys
• Setup an offline signing machine
• Prepare and sign custom OS image
• Activation Server
  • Procure internet accessible machine. (CoLo?)
  • Install, configure
  • Procure HTTPS cert (or self-sign)
• Load keys on Activation Server

With each shipment:

• Load data from Quanta to Activation Server
• Generate activation keys (optional, may be used as a complement to XS-based activation)

On every OS update

• Sign OS / kernel / initrd / OFW images

Other:

• Setup a formal 'report XO as stolen' workflow, and mark the XOs as stolen on the Activation Server.
• Review devkey request on the Activation Server.
• Regularly update the delegations on the Activation Server -- weekly "trade" with signing machine.

What is?

What is: Signed OS images?

to do

What is: A signing server?

to do