[vlc-devel] Future of the update mechanism

Rémi Denis-Courmont remi at remlab.net
Thu Jul 30 16:37:06 CEST 2009

Le jeudi 30 juillet 2009 17:30:30 Georg Seifert, vous avez écrit :
> The check for new version is recommended to use a secure connection,
> but it works also over simple http.

If it were as simple as removing security, Funman would not have implemented 
OpenPGP support in the first place. We must verify that the downloaded update 
is not corrupted, yet we should not depend on TLS for that.

From what's been said, it would seem that Sparkle fails the "Windows" 
requirement as well as the "security without TLS" requirement.

Rémi Denis-Courmont

More information about the vlc-devel mailing list