Hi Rainer, 2009/2/13 Hillebrand, Rainer <[email protected]>: > Dear Marcos, > > From my point of view the current model as described by you is ok. The author > of the update description document and the author of the widget resource that > shall be updated are able to control the security level shall be reached. > This is not mandated by the widget specifications family. If somebody wants > to provide an unsigned update package via HTTP for a signed widget resource > then this will not be prevented by a widget user agent. >
Agreed. A lot of software out there already works over this model. I don't think it is worth over complicating it. Lets just keep it simple and let it work over HTTP/HTTPS. Adding more complexity is unnecessary IMHO. If it can be shown that HTTPS does not provide overall security needed to achieve a widget update, then I think we should consider throwing another signature into the mix. Kind regards, Marcos -- Marcos Caceres http://datadriven.com.au
