** Changed in: software-center-agent
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/833945
Title:
Allow to install system wide license keys
To manage not
** Changed in: software-center-agent
Status: New => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/833945
Title:
Allow to install system wide license keys
To manage notification
** Changed in: aptdaemon (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/833945
Title:
Allow to install system wide license keys
To manage notifica
The code for aptdaemon is now in trunk and 12.04. In 12.04 we need a
additional helper package "softtware-center-aptdaemon-plugins" that is
waiting in NEW currently. Then there is lp:~mvo/software-center/system-
wide-license-key-fixes that needs merging once the plugin package is
available in 12.04
I'm sorry that this seems to go on forever, but I finally picked this up
again and added support for piston-mini-client/scagent direclty in the
aptdaemon. This means that after the install of the purchase app it
needs to run a "subscriptions_for_me" call (or subscriptions_by_id) and
wait for the se
Discussed briefly on irc.
One way to make this call secure would be to make the AddLicenseKey call:
AddLicenseKey(packagename, token, server)
aptdaemon could then contact the (trusted) server, authenticate with the
provided token and retrieve the license key itself.
It would need to receive the
Sorry, I don't know the infrastructure on the server side. I was just
guessing about the key location.
Using ssl would indeed help. But aptdaemon has to be sure that the key
comes from the correct server. The aptdaemon InstallLicenseKey method
can be invoked by every application - not only by s-c-
Hi Sebastian,
I don't really know what would be needed to get LP to sign the keys. They
don't currently get stored on LP at all.
Currently the key is being sent over https, and the latest httplib2 does verify
the server certificate, so we're pretty sure it does come from the
sofware-center-age
** Changed in: aptdaemon (Ubuntu)
Importance: Medium => High
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/833945
Title:
Allow to install system wide license keys
To manage notifications about t
What about the trust level of the key content? Is it possible to sign
the key by Launchpad automatically? I have good a bad feeling dropping
unknown files to the system. This is a possible security attack vector.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which
@mvo: That's fine - there is nothing stopping the packager/reviewer from
ensuring that the license_key_path is part of the package - as we don't
yet have pkgme doing the auto-packaging. Based on comment 5 above, I'd
recommend that the client checks the package for the XB-LicenseKeyPath,
and if it d
There is currently a disconnect between the way the server implements
this feature (via a license_key and license_key_path json return value)
and what aptdaemon expects.
Aptdaemon wants to have the license key path as part of the pacakge
record. This means that it needs to be added via "XB-License
** Tags added: proj-keys
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/833945
Title:
Allow to install system wide license keys
To manage notifications about this bug go to:
https://bugs.launchpad.n
Thanks for the summary. Well thought. So packages don't seem to be a
good solution. The technical implementation depends on a social
component: Can you enforce the location of the key/policy to all
vendors? If there is perhaps a proprietary software which insists on a
custom location we need to tra
Thanks for including the discussion Anthony. The one question I think is
still unanswered though (and unsupported by our current implementation)
is:
Don't we also want to allow people to install a publically available
deb, and then purchase a license key to unlock functionality?
But maybe that's
Copy+pasting from the thread where packaged keys was dicussed:
(...)
The main option on this thread seems to be to serve the key from a
package vs. pulling it in some other way that involves an API.
Packaged keys have several downsides. If we serve them from a per-user
PPA, it would involve a
On Thu, Aug 25, 2011 at 9:47 PM, Sebastian Heinlein
<833...@bugs.launchpad.net> wrote:
> Or a more basic question: Why don't you ship licenses in packages? It is
> just a static file.
Yep - I'd be keen to hear the discussion around that too. I was last
night thinking about a similar point from the
Or a more basic question: Why don't you ship licenses in packages? It is
just a static file.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/833945
Title:
Allow to install system wide license keys
To
** Description changed:
There is the need to allow sharing software license key by all users on
the system. So they need to be dropped to an accessible location on the
system. This bug tracks the discussion and progress of this effort.
+
+ From a security point of view we allow a desktop us
19 matches
Mail list logo
