[vlc-devel] 0.8.6d Release schedule
Rafaël Carré
funman at videolan.org
Fri Nov 23 12:51:01 CET 2007
Le vendredi 23 novembre 2007 à 09:37 +0100, Remi Denis-Courmont a
écrit :
> On Fri, 23 Nov 2007 01:30:30 +0100, Rafaël Carré <funman at videolan.org>
> wrote:
> > * Update system: It is currently disabled, and dionoea (Antoine)
> > proposed himself to code it with https with an embedded certificate, but
> > it is still unclear if it will remain insecure or not.
> > NEED CODE
>
> Using HTTP/TLS would as secure as the server is (not very secure but still
> quite OK). However, there is no way to specify one specific certificate
> through the TLS plugin interface at the moment. Worst, I am not at all
> convinced that the server can serve HTTP/TLS for as many clients as there
> will be.
Do the files really have to be served through HTTPS ?
I would think:
1/ Authenticate videolan.org with HTTPS
2/ Look for potential updates with HTTP
3/ Download them with HTTP
My own opinion is that this whole system should be removed, and the user
should just be warned that a new version is available, and download it
himself.
--
Rafaël Carré <funman at videolan.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Ceci est une partie de message num?riquement sign?e
URL: <http://mailman.videolan.org/pipermail/vlc-devel/attachments/20071123/9d00aca0/attachment.sig>
More information about the vlc-devel
mailing list