On 5/21/2012 5:29 AM, Gervase Markham wrote:
On 17/05/12 19:24, Fabrice Desré wrote:
Could the team explain the purpose of this value? What security concern
prompted its inclusion in the manifest format?
I'm not part of the apps team, but I guess the purpose is to prevent
rogue stores to sell apps without the author consent.
What exactly does that mean? What is a "rogue store"?
Is the problem that stores which list apps have no obligation to
actually pay the app author anything?
If this is the case, surely a blacklist ("installs_forbidden_from")
might work better?
Have we changed our position on wanting there to be multiple competing
stores, or not? If we have not, then how do we envisage it working in
practice?
Does each store need to have a relationship with the author of the apps
it lists? I was under the impression this wasn't going to be necessary.
I believe that the intent of this restriction is entirely related to
receipts. Assuming that an app requires purchase, the app will only have
a relationship with certain stores which can sell the app (and from
which it accepts receipts). So this is basically a declarative way of
saying that if you got the app from some other store, you shouldn't
expect it to work.
--BDS
_______________________________________________
dev-webapps mailing list
dev-webapps@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-webapps
