Jaa

What Do You Want to See in Crypto / ClickOnce?

  • Artikkeli

Now that Whidbey's out the door, it's time to look at what we want to do in future releases.  If you've run into any issues with the crypto classes or with ClickOnce let me know!  You can leave comments here or file requests in the MSDN Product Feedback Center.

Even though I'm focusing on crypto and the ClickOnce runtime (simple sandboxed domains, AppLaunch, etc), if you have feedback for other parts of ClickOnce or security I can certainly route those to the right places as well.

Comments

  • Anonymous
    December 15, 2005
    Hi

    I would like to se support for Plugins (or addins as you call them) in ClickOnce. I have not investigated the issue extensively, but I have read (on your blog among others) that all assemblies used by a ClickOnce-app must be defined in the applicaitons manifest.

    I would like to see the possibility of defining a path from which the ClickOnce-application can search for plugin-assemblies during loading. If this already is possible (and my research is lakking) you can disregard this request.

    Regards,
    Trygve
  • Anonymous
    December 15, 2005
    It's possible but only by jumping through some hoops as you've seen. We'll look into making it easier for you :-)

    -Shawn
  • Anonymous
    December 15, 2005
    How about a managed implementation of the ECC (FIPS 186-2 and NIST Special Publication 800-56) public key algorithms? The "NSA Crypto Suite B" (http://www.nsa.gov/ia/industry/crypto_suite_b.cfm) does not authorize the use of RSA for SECRET and above usage after 2010. It requires ECC.

    -Jeff
  • Anonymous
    December 15, 2005
    Thanks Jeff. ECC is absolutely on our radar or things to look at.

    -Shawn
  • Anonymous
    December 15, 2005
    LinkDemands make it really difficult for code to degrade functionality gracefully in low trust environments as the class with the LinkDemand must be called through reflection e.g. FileSystemWatcher. In this particular case, why is FullTrust required?
  • Anonymous
    December 16, 2005
    I would like to see RFC2440 (OpenPGP) support.
  • Anonymous
    December 26, 2005
    The comment has been removed