On Feb 20, 2012 1:21 PM, "Michael A. Labriola" <labri...@digitalprimates.net> wrote: > I am not going to hold my breath on this, but the way to avoid this would be to have adobe host a minimal-sized, signed rsl, that contained our hashes. Then we have the hashes with a level of confidence.
Can't the hashes of all used libraries be compiled into the application? The problem with hash verification may be a performance of md5 calculations in as3. I recall a performance issues caused by custom RSL verification in one project. Cheers, Iwo
