Comments on: ClickOnce, I think I love you http://averyblog.com/net/clickonce-i-think-i-love-you/ This is not the greatest tagline in the world... this is just a tribute. Mon, 11 Jan 2010 16:36:16 +0000 http://wordpress.org/?v=2.8.4 hourly 1 By: Tim Marman http://averyblog.com/net/clickonce-i-think-i-love-you/comment-page-1/#comment-2083 Tim Marman Mon, 26 Feb 2007 01:29:53 +0000 http://averyblog.infozerk.net/?p=615#comment-2083 <p>There are many things I love about ClickOnce, but the one thing that really gets me is that the application manifest has to be signed with the deployment url or the app doesn't load. This means 1) no aliases and 2) you effectively can't package them (as most enterprises would do). We've worked around this by using mage at install time, but even then you can't test a node directly... and if you rename the cluster, it fails.<br /><br />It's a little disappointing that they've implemented yet another level of security instead of relying on the underlying .NET trust (e.g., let me trust everything signed by a particular publisher). I'm told this restriction will be lifted in the future somewhat - that is, the deployment url will be dynamically populated based on where it was first run from. <br /><br />That reminds me, I've been meaning to write up my experiences with ClickOnce.</p> There are many things I love about ClickOnce, but the one thing that really gets me is that the application manifest has to be signed with the deployment url or the app doesn’t load. This means 1) no aliases and 2) you effectively can’t package them (as most enterprises would do). We’ve worked around this by using mage at install time, but even then you can’t test a node directly… and if you rename the cluster, it fails.

It’s a little disappointing that they’ve implemented yet another level of security instead of relying on the underlying .NET trust (e.g., let me trust everything signed by a particular publisher). I’m told this restriction will be lifted in the future somewhat – that is, the deployment url will be dynamically populated based on where it was first run from.

That reminds me, I’ve been meaning to write up my experiences with ClickOnce.

]]>