Jiri Tomek
2015-07-28 07:13:46 UTC
I understand current Wix team statement that it's not possible to build Burn
bundle with products A,B and C and then during execution get somewhere
product D and install it in the bundle. The reason is security and I get it.
But, what about allowing dynamic bundle where security is provided by
certificate used to sing individual MSIs?
Example: I create a bundle to which I provide a certificate that will be
used for all packages that bundle can install. Bundle itself will have no
payload. The MBA will contact download server and provides user the list of
available products or updates to install. User selects items, MBA will
download them and call Burn Engine to add these items to install chain. Burn
checks signature of all these items and accepts them only if it's valid for
the certificate used during compilation. This way it's secure and it allows
to build really rich install/update platform that is fully data-driven.
Current limitation which allows only installation of packages that are known
during build-time is so limiting in my use case that I'm not able to use
Burn. I would have to build new bundle every few days, have multiple of them
to cover different product combinations etc. Being able to leverage Burn
install platform with dynamic data would be just awesome.
--
View this message in context: http://windows-installer-xml-wix-toolset.687559.n2.nabble.com/Feature-suggestion-Dynamic-Burn-bundle-tp7600934.html
Sent from the wix-users mailing list archive at Nabble.com.
------------------------------------------------------------------------------
bundle with products A,B and C and then during execution get somewhere
product D and install it in the bundle. The reason is security and I get it.
But, what about allowing dynamic bundle where security is provided by
certificate used to sing individual MSIs?
Example: I create a bundle to which I provide a certificate that will be
used for all packages that bundle can install. Bundle itself will have no
payload. The MBA will contact download server and provides user the list of
available products or updates to install. User selects items, MBA will
download them and call Burn Engine to add these items to install chain. Burn
checks signature of all these items and accepts them only if it's valid for
the certificate used during compilation. This way it's secure and it allows
to build really rich install/update platform that is fully data-driven.
Current limitation which allows only installation of packages that are known
during build-time is so limiting in my use case that I'm not able to use
Burn. I would have to build new bundle every few days, have multiple of them
to cover different product combinations etc. Being able to leverage Burn
install platform with dynamic data would be just awesome.
--
View this message in context: http://windows-installer-xml-wix-toolset.687559.n2.nabble.com/Feature-suggestion-Dynamic-Burn-bundle-tp7600934.html
Sent from the wix-users mailing list archive at Nabble.com.
------------------------------------------------------------------------------