Mobile/Projects/APK Factory/Meeting 2013 11 22
Answering questions in bold.
David contributed questions to Wil's rewrite.
dvd: I heard a few times during various calls that we really do not want to add code into Fennec; this scenario assumes modifying and maintaining code in Fennec This is our core compentency. It's what we do baby!
dvd: on-the-fly generation of APK could possible lead to performance issues? Less storage (only manifests and a few flags for update, version, etc.) but more CPU consuming. Maybe not an issue, but I wanted to raise it.
It's all about the caching, baby!
(TODO: Are push notifications an option instead of polling?)
It's not 1998...
B2G has the API... but...
Let's think about it. Push isn't 100% reliable.
See my note below. what about the developer actually has keys but is not aware of that the app is being pushed as an APK
Ya, this could happen. If we make the UX smooth, then devs won't know. Dev has android apps, writes OWA version, doesn't know we're managing keys for them. The dev has two crypto identities in the apk world.
[ ] Is this a port of an existing app? (scales to Android, iOS, Blackberry, etc) UX probably won't like this ^
If we do this, it's Marketplace side. Not MVP.
dvd: Issue: what if the developer doesn't know that his app is going to be auto-generated and installed as an APK on Android. If the OWA has not been submitted through the marketplace, the developer is not aware of this. The developer may already have the same app developed as an Android native app or an Android Webapp. If Fennec displays any webapp with an install button as the webapp thinks it will be deployed within the browser, there is no way for the developer to opt out. I am not arguing against the openness as an argument but rather for the developer to be in control.
Use case: pre-submission development
As a developer I would like to be able to test my APK without submitting it to the marketplace.
Isn't this irrelevant, don't you just hit the APK Factory as a developer and get an .apk?
If it's a hosted app, I make my own Install button (hard, but doable).
Test your app, install, factory, install.
If priveleged, you can't do that. One and only one key, in fortress of solitude.
On B2G side load via App Manager. Bypasses the lizard brain (B2G checks).
APK signing web app signing are different.
We need side-loading of Apps onto Android phones.
Fennec APK apps have the same security architecture as OWA.
Non-priveleged packaged apps... Just hit the APK Factory
Between james, myk, and marco ... we should know.
How are we identifying that we are signing with a debug cert.
Should be the same as reviewing a priveleged apps.
James and Bill should talk to App Manager team.
Use case: post-submission review
How do we know to sign it with which cert.
OWA Signing - reviewer key, production key packages are distributed, reviewers review malicious. Avoid propagation signed with the real cert. Standard device can't install.
Debug key - used on APK Signing when the OWA package is still in review
This is an unsigned problem for multi-marketplace - Android, Fennec, FxOS haven't solved this....
Rewrite of Gecko to support multiple keys... it's coming!
JSON needs a spec
How do we tie keys to apps and developers.
JRRandom can click Install and they get an APK with standard key.
A developer would be insane to give us their keys.
java packages - we must guarenteee that they are unique
stats - Feedburner, caches RSS feeds.
when crawling RSS feed, they told the website how many subscribers there were crawling manifests -> tell that developer or marketplace how many ADU we for them.
Really cool idea!