Hello Benjamin -
The converse is true as well. If you don't honor installs_allowed_from, how
can a free app developer make sure that some store isn't charging for their
app? Personally, as an app developer, don't want to automatically give
universal permission for any arbitrary store to distribute my app. It should
be my choice. We can make the default be open ("*"), but we should respect the
developers wishes.
Note that "trusted" apps (those that require higher sensitivity APIs) have to
come from specific stores that have signed off on the app. Even if the app is
free. But that isn't directly germane to the discussion.
-Jim Straus
On May 24, 2012, at 12:04 PM, Benjamin Smedberg wrote:
> On 5/24/2012 11:57 AM, Jim Straus wrote:
>> Hello -
>> People can certainly created rogue UAs that can bypass much more than
>> "installs_allowed_from". But I don't think manufacturers are likely to do
>> this as they know it would seriously impact the ecosystem of
>> stores/developers/devices as it would be a disincentive for developers to
>> develop for the platform. Device manufacturers can make it difficult for
>> folks to install rogue UAs by requiring signed code before
>> installing/running new UAs (as some Android devices do). This isn't to say
>> it can't/won't happen. B2G is effectively a rogue UA on Android, but I
>> don't think it is likely to be done as part of an manufacturer distribution.
>> As mentioned previously, if an author wants, they can allow for
>> distribution from any place using the "*". but it is ultimately up to the
>> app developer to make that choice.
>> -Jim Straus
> While installs_allowed_from may be necessary for paid apps (in order to keep
> people from being tricked into paying for something which they then can't
> receive), it is overall a necessary evil, and if we could distinguish in some
> other way between paid and nonpaid apps, we (the Mozilla UAs) *shouldn't*
> honor it for nonpaid apps. In general, we should be giving the most control
> to the user, not to the developer.
>
> --BDS
>
_______________________________________________
dev-webapps mailing list
dev-webapps@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-webapps
