[vlc-devel] 0.8.6d Release schedule

Rafaël Carré funman at videolan.org
Fri Nov 23 12:51:01 CET 2007

Le vendredi 23 novembre 2007 à 09:37 +0100, Remi Denis-Courmont a
écrit :
> On Fri, 23 Nov 2007 01:30:30 +0100, Rafaël Carré <funman at videolan.org>
> wrote:
> > * Update system: It is currently disabled, and dionoea (Antoine)
> > proposed himself to code it with https with an embedded certificate, but
> > it is still unclear if it will remain insecure or not.
> Using HTTP/TLS would as secure as the server is (not very secure but still
> quite OK). However, there is no way to specify one specific certificate
> through the TLS plugin interface at the moment. Worst, I am not at all
> convinced that the server can serve HTTP/TLS for as many clients as there
> will be.

Do the files really have to be served through HTTPS ?
I would think:
	1/ Authenticate videolan.org with HTTPS
	2/ Look for potential updates with HTTP
	3/ Download them with HTTP

My own opinion is that this whole system should be removed, and the user
should just be warned that a new version is available, and download it

Rafaël Carré <funman at videolan.org>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Ceci est une partie de message num?riquement sign?e
URL: <http://mailman.videolan.org/pipermail/vlc-devel/attachments/20071123/9d00aca0/attachment.sig>

More information about the vlc-devel mailing list