ubuntu-appstore-developers team mailing list archive

[John Pugh <john.pugh@xxxxxxxxxxxxx>]

On Wed, Jun 12, 2013 at 11:30 AM, Marc Deslauriers
<marc.deslauriers@xxxxxxxxxxxxx> wrote:
> On 13-06-12 11:13 AM, Daniel Holbach wrote:
>> Hello everybody,
>>
>> there seems to have been broad agreement that we should developers
>> install packages from outside the app store and it seems like 3 options
>> were discussed of which one seems to be preferred (correct me if I'm wrong).
>>
>> It'd be good if we could finalise the plans on this and track the work
>> somewhere.
>>
>> Thanks a lot everyone for contributing to this!
>>
>
> FYI, the 3 options I discussed were the following:
>
> 1- Default Secure Mode: By default, device only installs packages which
> match hash provided by app store signature.
>
> 2- Developer Mode: Developer can add his key to device using tethered
> developer tool. If package doesn't match app store hash, the signature
> on the package itself is checked against local developer key. (Perhaps
> the number of developer keys on device is limited to prevent this being
> used by third-party app stores, etc.)
>
> 3- Untrusted Mode: as on Android. User/Developer checks a box which
> disables any hash/signature verification.

While many will want #3, my layman's thinking would be that #2 is
acceptable provided there is a way for a user to put a app on their
device in some form or fashion which in my mind is a hybrid of #2 and
#3. Even if that means jumping through more hoops than a typical user
or developer would.