Matt Zimmerman napisał(a): > On Wed, Aug 08, 2007 at 04:58:21PM +0200, Krzysztof Lichota wrote: >> Matt Zimmerman napisał(a): >>> On Tue, Aug 07, 2007 at 09:57:42PM +0200, Krzysztof Lichota wrote: >>>> This is the approach of apt:// protocol. It is not extensible and it >>>> will not make Ubuntu competitive to rich software ecosystem of Windows. >>>> There _must_ be the way for third party software creators to publish >>>> their software easily. Otherwise they will not be interested in creating >>>> their apps for Linux. >>> The two are not mutually exclusive, and an ideal solution would incorporate >>> both. >> One Click Installer can be used for both, providing trusted, signed >> installation files signed by Ubuntu and providing unsigned files for >> third party developers. > > It is not a question of whether the file is signed or not; it is a different > abstraction. > > One is "install package X from repository Y". (One Click seems to do this, > from your description) > > The other is "install package X from your existing, configured > repositories" (this is like apt:// and similar ideas) > > The key difference is that in the latter case, the metadata does not supply > a repository, and there should be (notably) none of the usual security > issues, regardless of whether the metadata is authenticated.
Exactly, so how in this case you want third party developers to provide
their apps?
Krzysztof Lichota
signature.asc
Description: OpenPGP digital signature
-- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
