Announcement: One Click Installer

Matt Zimmerman mdz at
Wed Aug 8 16:14:18 UTC 2007

On Wed, Aug 08, 2007 at 05:14:01PM +0200, Krzysztof Lichota wrote:
> Matt Zimmerman napisał(a):
> > On Wed, Aug 08, 2007 at 04:58:21PM +0200, Krzysztof Lichota wrote:
> >> Matt Zimmerman napisał(a):
> >>> On Tue, Aug 07, 2007 at 09:57:42PM +0200, Krzysztof Lichota wrote:
> >>>> This is the approach of apt:// protocol. It is not extensible and it
> >>>> will not make Ubuntu competitive to rich software ecosystem of Windows.
> >>>> There _must_ be the way for third party software creators to publish
> >>>> their software easily. Otherwise they will not be interested in creating
> >>>> their apps for Linux.
> >>> The two are not mutually exclusive, and an ideal solution would incorporate
> >>> both.
> >> One Click Installer can be used for both, providing trusted, signed
> >> installation files signed by Ubuntu and providing unsigned files for
> >> third party developers.
> > 
> > It is not a question of whether the file is signed or not; it is a different
> > abstraction.
> > 
> > One is "install package X from repository Y". (One Click seems to do this,
> > from your description)
> > 
> > The other is "install package X from your existing, configured
> > repositories" (this is like apt:// and similar ideas)
> > 
> > The key difference is that in the latter case, the metadata does not supply
> > a repository, and there should be (notably) none of the usual security
> > issues, regardless of whether the metadata is authenticated.
> Exactly, so how in this case you want third party developers to provide
> their apps?

We are talking past each other.  There are two distinct use cases here, and
I am a) saying they could both be fulfilled by the same software mechanism,
and b) asking whether your system does both.

>From the sound of it, it only addresses the explicitly third-party
repository case, and not the case where the application is implicitly
available from Ubuntu.

Yes, there are third-party developers who could make use of such a system to
publish their applications, but there are also developers who are well
served by the existing system and would benefit from having a web-oriented
way to indicate that their software is included in the Ubuntu repositories,
delegating all decisions about repository location and authentication to the
package manager.

 - mdz

More information about the Ubuntu-devel-discuss mailing list