Announcement: One Click Installer
Krzysztof Lichota
krzysiek at lichota.net
Wed Aug 8 15:14:01 UTC 2007
Matt Zimmerman napisał(a):
> On Wed, Aug 08, 2007 at 04:58:21PM +0200, Krzysztof Lichota wrote:
>> Matt Zimmerman napisał(a):
>>> On Tue, Aug 07, 2007 at 09:57:42PM +0200, Krzysztof Lichota wrote:
>>>> This is the approach of apt:// protocol. It is not extensible and it
>>>> will not make Ubuntu competitive to rich software ecosystem of Windows.
>>>> There _must_ be the way for third party software creators to publish
>>>> their software easily. Otherwise they will not be interested in creating
>>>> their apps for Linux.
>>> The two are not mutually exclusive, and an ideal solution would incorporate
>>> both.
>> One Click Installer can be used for both, providing trusted, signed
>> installation files signed by Ubuntu and providing unsigned files for
>> third party developers.
>
> It is not a question of whether the file is signed or not; it is a different
> abstraction.
>
> One is "install package X from repository Y". (One Click seems to do this,
> from your description)
>
> The other is "install package X from your existing, configured
> repositories" (this is like apt:// and similar ideas)
>
> The key difference is that in the latter case, the metadata does not supply
> a repository, and there should be (notably) none of the usual security
> issues, regardless of whether the metadata is authenticated.
Exactly, so how in this case you want third party developers to provide
their apps?
Krzysztof Lichota
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-devel-discuss/attachments/20070808/5b01cb2c/attachment.sig>
More information about the Ubuntu-devel-discuss
mailing list