Page 71 of 158 « First 616970 71 727381 Last »
Reply
Thread Tools
vitaly_repin's Avatar
vitaly_repin is offline vitaly_repin
2010-01-03 , 11:46
Posts: 320 | Thanked: 763 times | Joined on Oct 2009 @ Espoo, FInland
#701
Originally Posted by dboreham View Post
The executive summary is for for unknown reasons, a few devices (around 2% in our sample), end up with a broken MfE cert store that is missing some CA cert symlinks.
Thanks a lot for reporting this. In fact, it was (bad) surprise for us.

However, this is automatically fixed in the upcoming MfE sw. update as we have stopped to use the symlinks mechanisms at all. Now MfE works with the certificate storage folder directly, without symlinks.
 

The Following User Says Thank You to vitaly_repin For This Useful Post:
jackabite is offline jackabite
2010-01-03 , 11:53
Posts: 46 | Thanked: 17 times | Joined on Oct 2009
#702
Are you looking to include provisioning support in a future update ? MfE is usless to me until this is available. As an end user of corporate email I have zero influence on their secuirty policies and wouldnt expect them to change their exchange config just for me. I have been using blackberry and recently tested MfE on the iPhone, would have liked to see how it worked on the N900.

(I checked the WiKi and there's nothing on there about future support for this, can you add something to say what your plans are ?)
 

The Following User Says Thank You to jackabite For This Useful Post:
vitaly_repin's Avatar
vitaly_repin is offline vitaly_repin
2010-01-03 , 12:20
Posts: 320 | Thanked: 763 times | Joined on Oct 2009 @ Espoo, FInland
#703
Originally Posted by jackabite View Post
(I checked the WiKi and there's nothing on there about future support for this, can you add something to say what your plans are ?)
I am not the Maemo spokesperson and can not communicate our marketing plans. All I can say is that we are currently doing activities in the provisioning area. But I can not say when and what exactly will be available.

Provisioning is not as simple as to add support in MfE. Adding support for provisioning commands in MfE, is the simplest part of the equation.

Just one concrete example to illustrate this. Server administrator can specify the number of failed attempts to enter PIN code (unlock the device) after which the device will be wiped. But the device does not have this functionality at all now. And how to do wipe? Is re-creating of the filesystem enough (quick format) or shall we really WIPE the device (cat /dev/zero > /dev/mmcblk<something>?). If we shall really wipe the device, then we need to do it fast. Otherwise, the attacker will be able to stop the wiping process and restore the files. But writing the data to mmc is slow. The fast way is to use cryptographic filesystem and remove the keys. But device does not have cryptofs support in place...

This example was just to illustrate the complexity of the task. And this is not only (and mostly) about sw. development per se. This is about business and legal decisions (like, "what does wipe really mean?").
Last edited by vitaly_repin; 2010-01-03 at 12:29.
 

The Following 3 Users Say Thank You to vitaly_repin For This Useful Post:
jackabite is offline jackabite
2010-01-03 , 12:51
Posts: 46 | Thanked: 17 times | Joined on Oct 2009
#704
thanks for the reponse, sounds like whatever route you take it will be sometime before this feature is available. I am suprised that Microsoft doesnt provide guidelines around how to implement the provisioning on devices. I would assume (hope) that remote wipe is specific only to the corporate data that is sync'd from exchange, and storing this information in a crypto layer would be vital, esp if you were to dock the phone via USB etc.
 
vitaly_repin's Avatar
vitaly_repin is offline vitaly_repin
2010-01-03 , 12:52
Posts: 320 | Thanked: 763 times | Joined on Oct 2009 @ Espoo, FInland
#705
Originally Posted by THavoc View Post
I attached the first version, I would be grateful if somebody could help me test it. The basic functionality is there, but is still needs polish and packaging.
Works for me.

My remarks:

1) No debian packaging yet => no way to integrate it to extras yet. Don't forget about optification when doing debian packaging, pls.
2) You can create project page at garage.maemo.org if you wish
3) The folders are shown as a list, not as a tree. Hierarchy is lost from end-user PoV
4) Would be better to have the nice launch icon in Applications. This way, the application will be available not only for geeks but for wider audience.
5) [ Dream ] The perfect way is to implement this application as a control panel applet. Control panel applet is a so-file, loaded into the CP process in run-time, it can not be written directly in python. I am not a python programmer but I can imagine the schema like this: C-function calls python interpreter to build widgets inside C-application. Some kind of mix. I was doing this with Tcl/Tk several years ago. I believe it could be possible with python also.
 
THavoc's Avatar
THavoc is offline THavoc
2010-01-03 , 17:05
Posts: 40 | Thanked: 21 times | Joined on Dec 2009
#706
Originally Posted by nux View Post
It works like it should, but is it possible to just uncheck a folder from automatic update. But let the folder be visible in modest and allow manual sync of that folder?
As far as I understand the system, this is not possible atm; maybe Vitaly can prove me wrong.

(Theoreticaly, if there would be a folder class which is not synced but still displayed by the mail client, it would be possible)
__________________
Duct tape is like the force. It has a light side, a dark side, and it holds the world together.
--
Please vote for MfE Google Synchronization HERE
MfEfolders - Enable/disable MfE sync on a folder by folder basis; locally rename mail folders
 
THavoc's Avatar
THavoc is offline THavoc
2010-01-03 , 17:21
Posts: 40 | Thanked: 21 times | Joined on Dec 2009
#707
Originally Posted by vitaly_repin View Post
1) No debian packaging yet => no way to integrate it to extras yet. Don't forget about optification when doing debian packaging, pls.
2) You can create project page at garage.maemo.org if you wish
Yep, I'm on this right now, but this beeing my first Maemo app, it takes some research into the whole packaging,optifying issue.

Originally Posted by vitaly_repin View Post
3) The folders are shown as a list, not as a tree. Hierarchy is lost from end-user PoV
True, but I couldn't find a hildonized tree widget yet, and not even an example on the device. I will either try how a gtk tree widget looks on the device, or will try to fake a tree using buttons.

Originally Posted by vitaly_repin View Post
4) Would be better to have the nice launch icon in Applications. This way, the application will be available not only for geeks but for wider audience.
I already have the icon, it should appear in Apps when the packaging is done.

Originally Posted by vitaly_repin View Post
5) [ Dream ] The perfect way is to implement this application as a control panel applet. Control panel applet is a so-file, loaded into the CP process in run-time, it can not be written directly in python. I am not a python programmer but I can imagine the schema like this: C-function calls python interpreter to build widgets inside C-application. Some kind of mix. I was doing this with Tcl/Tk several years ago. I believe it could be possible with python also.
Yeah, it would be cool, but at first sight looks a little over my head
__________________
Duct tape is like the force. It has a light side, a dark side, and it holds the world together.
--
Please vote for MfE Google Synchronization HERE
MfEfolders - Enable/disable MfE sync on a folder by folder basis; locally rename mail folders
 
altomkins is offline altomkins
2010-01-03 , 20:34
Posts: 11 | Thanked: 0 times | Joined on Dec 2009 @ England, UK
#708
From the excellent wiki;

"Unfortunately, there is no way to disable certificates check at the client side in the current MfE release."

Will there be the ability to do this in later releases?

The sertificate my company uses is duff [no CA or something]
 
vitaly_repin's Avatar
vitaly_repin is offline vitaly_repin
2010-01-04 , 10:14
Posts: 320 | Thanked: 763 times | Joined on Oct 2009 @ Espoo, FInland
#709
Originally Posted by THavoc View Post
As far as I understand the system, this is not possible atm
You are right.
 

The Following User Says Thank You to vitaly_repin For This Useful Post:
vitaly_repin's Avatar
vitaly_repin is offline vitaly_repin
2010-01-04 , 10:16
Posts: 320 | Thanked: 763 times | Joined on Oct 2009 @ Espoo, FInland
#710
Originally Posted by altomkins View Post
From the excellent wiki;

"Unfortunately, there is no way to disable certificates check at the client side in the current MfE release."

Will there be the ability to do this in later releases?
Not in the upcoming release. We are working on this but I can not communicate any concrete plans, schedules et cetera.
 

The Following User Says Thank You to vitaly_repin For This Useful Post:
Reply
Page 71 of 158 « First 616970 71 727381 Last »

Tags
activesync, certificate, email, exchange, fremantle, ignore tex14, maemo 5, mail for exchange, mfe, n900, provisioning, sync, thanks vitaly!

« Previous Thread | Next Thread »

 
Forum Jump


All times are GMT. The time now is 09:50.

Contact Us - Home - Archive - Top