* Debconf doesn't have a "browse for files" widget type. Using the string type to enter either the keys path or the keys text would be a little awkward.
* I'd prefer using scp to copy the keys to dozens of workstations than providing the path to a debconf dialog in each one of them.
* Maybe one way to do it would be for italc-master to publish the keys using avahi txt records. I think sugar and controlaula use that method. Then, an italc-client postinst script would:
(a) Automatically use the server keys, if just one italc-master server was found.
(b) Show a multiselect debconf widget if multiple italc-master servers were found.
(c) Create new keys (or leave the package in an unconfigured state?) if no italc-master servers were found during installation.
* While that method would make italc-client installation automatic for the most common case, it also raises some security concerns: what if the correct italc-master server is down while installing italc-client to the clients, and some "malicious" server is up?
If publishing the server keys using avahi is an acceptable method, I'm interested in preparing/proposing a patch for it.
Just some thoughts:
* Debconf doesn't have a "browse for files" widget type. Using the string type to enter either the keys path or the keys text would be a little awkward.
* I'd prefer using scp to copy the keys to dozens of workstations than providing the path to a debconf dialog in each one of them.
* Maybe one way to do it would be for italc-master to publish the keys using avahi txt records. I think sugar and controlaula use that method. Then, an italc-client postinst script would:
(a) Automatically use the server keys, if just one italc-master server was found.
(b) Show a multiselect debconf widget if multiple italc-master servers were found.
(c) Create new keys (or leave the package in an unconfigured state?) if no italc-master servers were found during installation.
* While that method would make italc-client installation automatic for the most common case, it also raises some security concerns: what if the correct italc-master server is down while installing italc-client to the clients, and some "malicious" server is up?
If publishing the server keys using avahi is an acceptable method, I'm interested in preparing/proposing a patch for it.