A daily cron job does sound like a good idea. Additionally, Flash archive seems to be available over HTTPS [1], so the intermediary access to p-d-o [2] isn't really necessary.
[1]: https://www.ssllabs.com/ssltest/analyze.html?d=fpdownload.macromedia.com [2]: http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/ Provided we trust Adobe either way, is GPG better than HTTPS in assuring the user's download is legit?
