[Mono-dev] Mono 1.1.17 has been released.

Robert Jordan robertj at gmx.net
Wed Aug 30 08:45:53 EDT 2006


Jonathan Pryor wrote:
> On Wed, 2006-08-30 at 10:20 +0100, Ben O'Steen wrote:
>>> when i am talking "in a browser" i am talking about stuff that you can't
>>> handle with asp.net, like a full fledged  arcade game (to take it to an
>>> extreme), a video/audio playing client, the power to properly sync video
>>> and audio, integrate with the local file system and other resources.
>>> ASP.NET and AJAX don't even get you 1% of the way there, and even flash
>>> is incredibly lacking in some of these areas.
>> Whilst I haven't put an awful lot of thought into it, can there be a middle
>> ground between 'ActiveX'-style browser apps and install-only apps?
> 
> Yes.  It's called ClickOnce deployment, requires Code Access Security,
> and won't be happening with Mono anytime before 2.0 (iirc).
> 
> Also, it should be noted that .NET 1.0 allowed you to use SWF components
> as if they were ActiveX controls.  I forget the details, but it only
> required Internet Explorer and a .NET 1.0+ installation on the client.

Not only as if they were ActiveX controls. MS.NET's S.W.F.Controls
are in fact ActiveX controls. They implement the required COM
interfaces and are embeddable by several ActiveX containers
(IE, MFC, etc.).

The only difference to plain ActiveX controls is the new
embedding host of the Internet Explorer. The host knows about
MS.NET, its type activation, the CAS, and it is apparently more
secure than ActiveX alone (I hope so ;-).

About Mono's plugin: w/out a working CAS it's grossly negligent
to even think about an implementation that allows the execution
of assemblies from untrusted sources. Even if they were signed
with God's own key, they still were insecure to execute.
Let's not beat this dead horse again.

Robert




More information about the Mono-devel-list mailing list