[Bf-python] Re: ID Properties and python hook scripts
joe
joeedh at gmail.com
Wed Oct 11 15:03:19 CEST 2006
no NO! too complicated! The idea is there's a menu to install
scripts, and if the script wants to use a trusted-leve feature,
blender just pops up a little dialog asking "Enable trusted features
for this script?". What's more, you can disable the popup if you
want, as obviously if your "installing" a script through blender you
probably trust it. :)
No hash-keys, no public-private shit. we already got rid of openssl
from the sourcetree ;)
Joe
On 10/11/06, Emanuel Greisen <blender at emanuelgreisen.dk> wrote:
> How about using the normal trust-chain system, then you can add new
> root-certificates, but you can also have some company/person/what-ever
> endorsed with the trust of the BF-team. That is much more like digitally
> signing in the sence we know it from applets, and other secure content
> on the web.
>
> Consider loading a script that is digitally signed and a pop-up appears:
> Do you trust "Blip Blop Corp.", "yes", "no", "always". And then one day,
> "Blip Blop Corp." gets a certificate by "BF" so from now on, their
> scripts will be "auto-trusted".
>
> Please not "Blip Blop Corp." might not be commercial, it might just be a
> group of developers, one developer, etc. etc.
>
> That should also give the oppotunity for a revoke-list, not quite sure
> how they work though, but they exist.
>
> Pro: This is commonly used (and there are many tools for it).
>
> Con: We might end up with certificate-expiration-issues....
> _______________________________________________
> Bf-python mailing list
> Bf-python at projects.blender.org
> http://projects.blender.org/mailman/listinfo/bf-python
>
More information about the Bf-python
mailing list