Note: Authority and authority The game right now is obviously not very well thought of if the Authority of the game is actually formed of many people, which might happen eventually. Obviously it is a bad idea to have each one of them have the authority private key file - that file should be a very well kept secret - if one of them "leaks" it then it can/will RUIN everything. If someone can just pretend to be the Authority then OpenTCG must be, well, restarted with new keys - and if the game is developped that will be bad.

This is even more a problem for the Designer Key. Surely there will be more than one designer, but can we give them each the designer key? No!

Yet, having a dynamic set of keys be accepted as, say, authority, is not a solution - the game becomes more tied to a server that must now be checked for keys too. Therefore, the solution will be proxies.

Take, for instance, Authority key authentication. The key will ONLY be stored on ONE computer (well, excluding mine :P), a server. That server will emit all authority requests - those automated by OpenTCG Software (yes, a lot of the projects will make Authority Requests to other projects) and the manual ones sent by people who have the rights. For the manual requests, the server will have a separate mechanism for authenticating the ones he's proxying for.

This allows for security and flexibility while keeping things very simple where in matters most - in the main servers and clients: for those Authority is Authority.

In conclusion the idea is that none of the keys (authority, publisher, designer, server) will leave the opentcg servers at any time.  ¶ 12:00 AM