[vlc-devel] Future of the update mechanism

Felix Paul Kühne fkuehne.videolan at googlemail.com
Thu Jul 30 17:16:45 CEST 2009

Am 30.07.2009 um 16:37 schrieb Rémi Denis-Courmont:

> Le jeudi 30 juillet 2009 17:30:30 Georg Seifert, vous avez écrit :
>> The check for new version is recommended to use a secure connection,
>> but it works also over simple http.
> If it were as simple as removing security, Funman would not have  
> implemented
> OpenPGP support in the first place. We must verify that the  
> downloaded update
> is not corrupted, yet we should not depend on TLS for that.
> From what's been said, it would seem that Sparkle fails the "Windows"
> requirement as well as the "security without TLS" requirement.

Well, as hinted by Pierre previously, using the current approach for  
Windows or switching to a native windows-updating mechanism kind of  
makes sense. I don't really see why clearly platform-dependent code  
must be forced to be independent.

Regarding the SSL-dependency of Sparkle, it's a bit a 1.5 kB download  
per check we're discussing here. The actual update can be safely  
downloaded through untrusted channels, as it is checked against the  
signed hash. I seriously doubt that 1.5 kB downloads kill our server.  
Additionally, nothing speaks against updating the update mechanism a  
few hours or days after we hit the news pages once the peak traffic is  

Anyway, as j-b pointed on IRC yesterday, we will need a trusted, not- 
self-signed SSL certificate anyway. This would cost 10 € per year  
max., something VideoLAN can cover without any problems.

Best regards,


More information about the vlc-devel mailing list