- From: Lukasz Olejnik <notifications@github.com>
- Date: Sun, 02 Aug 2020 08:18:25 -0700
- To: w3c/manifest <manifest@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Sunday, 2 August 2020 15:18:40 UTC
> I think you need to sign the app and have a predefined list of files signed. This is what happens in the native app process. This definitely makes the process of changing code less flexible but also increases security. Right now most apps are open to man in the middle attacks and file tampering. So I could see PWAs going that direction no matter what. Interesting. So something like Certificate Transparency - but intended to dynamic manifest files, like say, Manifest Transparency Extension? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/manifest/issues/399#issuecomment-667686883
Received on Sunday, 2 August 2020 15:18:40 UTC