On Wed, May 28, 2008 at 7:25 PM, Arve Bersvendsen <[EMAIL PROTECTED]> wrote: > On Wed, 28 May 2008 11:10:56 +0200, Thomas Roessler <[EMAIL PROTECTED]> wrote: > >>> 2. Point to an XML file written in our custom XML format (described >>> below). >> >> I'd drop that. > > While more complicated, it buys a number of freedoms: > > 1. In the case that any security-related settings for the widget changes, > they can be reviewed automatically, or optionally manually by the user, and > download of an updated resource can be prevented if the updated version is > not acceptable. This is particularily important on slow connections, since > some widgets run into the megabyte range > 2. It is possible to sign the update XML document, and verify the file prior > to downloading. An example here would be if a signed update document pointed > to an alternate download mechanism, such as a torrent or other P2P > technology, the document could itself be signed, and contain checksums for > the actual file.
True. Just send the update file over HTTPS. -- Marcos Caceres http://datadriven.com.au
