Store log in from WebDM

Loïc Minier loic.minier at
Fri Apr 10 23:28:13 UTC 2015

Yup, but at least we will only request the master Ubuntu password when
connected to the real Ubuntu website rather than passing it to the device
unencrypted; only the allowed token is then passed to the device. Maybe
that token can only access the store, or it can be revoked, but it feel
less of a danger than passing the actual password?

On Fri, Apr 10, 2015 at 3:01 PM, Martin Albisetti <
martin.albisetti at> wrote:

> On Fri, Apr 10, 2015 at 9:13 AM, Loïc Minier <loic.minier at>
> wrote:
> > Can't we use oauth to auth against the regular Ubuntu SSO site, and
> deliver
> > a token to the router? That way, you only type your Ubuntu credentials
> > against the SSO website (using SSL). (I feel I'm missing something
> obvious)
> How would that work?
> The user is in a browser remote from the device, with an unencrypted
> connection to it.
> There has to be some coordination between the browser (user) and the
> device, one way or another. Whatever that coordination is, it'll be
> interceptable.
> --
> Martin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the snappy-devel mailing list