Hi all, For now, all bundles aren't signed but in new Sucrose-0.86 updater control component was introduced(which is based on updater component from OLPC but doesn't use bitfrost).
Sucrose updater just fetches metadata from ASLO[1] and download proper xo bundles. So, the question is, should secure updates from ASLO be a blocker for 0.86 release(it could be https:// access for metadata or signed metadata updates or so). [1] http://activities.sugarlabs.org/services/update.php?id=org.laptop.WebActivity&appVersion=0.84 -- Aleksey _______________________________________________ Sugar-devel mailing list Sugar-devel@lists.sugarlabs.org http://lists.sugarlabs.org/listinfo/sugar-devel