Nick Mathewson:
TUF was a successor/fork of Thandy, not the predecessor:
Sure. (Thats what I meant to write. :)
TUF is written in python, and after all those years, TUF developers are still maintaining it and actively developing it. I think in future TUF will become a mature and widespread solution. Also work is being done to let pip (the python library installer) internally use TUF. So it can't be so bad after all?
If you have discussed this and reasons for rejecting, fine. Just wanted to throw it in, because I think basing this feature on another active project (TUF) works better than reinventing the wheel.
Well, it's not like the Firefox updater isn't an active project either.
True.
The advantage of using the FF updater are:
* Actually proven to update Firefox. (That's a big one; updating arunning application in a cross-platform, user-friendly way is much harder than the "replace files with the latest version" problem.)
I see.
* Smaller marginal increase in Windows bundle size, since itdoesn't require a Python interpreter or py2exe runtime for TBBs that don't ship that. * Used in production by orders of magnitude more people. * Has even more maintainers and developers. * Is even more mature and widespread. * Likelier to be doable fast by the people working on TBB today, we think.
Good points.
In the Munich meeting, we weren't sure what the exact disadvantages are yet; perhaps once we've reviewed the state of the art with FF's updater, we'll run screaming for the hills. Likely disadvantages include the kind of stuff that most non-Thandy, non-TUF systems suffer from.
That said, who knows? If the distance from where FF is to where it needs to be is too big, we might be wrong. The answer might be to end up with porting the important parts of TUF/Thandy (metadata management) to Javascript, and leaving the stuff that Firefox does especially well (download updates and apply them in a robust and user-friendly way) as-is.
(BTW, a thought I had: one subtle flaw of the meeting summary format [and of most of the online stuff I write, I guess] is that it doesn't do a good job of distinguishing between "I'm sure about this! It's decided forever"; "I'm pretty sure about this, but let's talk more as we go forward"; and "I dunno, seems like a good idea, let's try it." So when you write stuff like that, there's always a risk that you'll sound like you're dropping ukazes when you're really just trying to make the best decision you can today, subject to revision tomorrow. So thanks for asking!)
Sounds very reasonable. Thank you, Nick for explaining that to me.