tosu

trust on subsequent use.

once we have established tofu, what about updates?

package managers have (mostly) solved this problem for our operating systems, let's learn from them.

webboot will allow:

semantic versioned updates of web properties.

optional social trust through pgp keys. [1][2]

deprecation of older versions of clients, for example when server api's get changed.

flagging broken builds when they start failing on the clients, and warning both developers and users before they update.

developers can flag vulnerable versions, those will not execute on any client and force an update before allowing the page to load.