Shoutbox

About digital signature, having it implemented might make a lot of fuss around this (important, though) issue and would create confusion for the users specially unexperienced ones. All this, besides what you already said, about being difficult to actually have a group of people (comitee) checking and validating all submitted scripts as "secure". It has yet another disadvantage.

Say the comitee exists, they might overlook some issues without noticing. For example, a script auto-updating by connecting on the Internet; it would be an obvious security risk, since it might be modified, when already being digitally signed. Of course, now that I'm talking about this, someone will sure come up with a solution for this particular issue. I already have (not allowing a script to modify the digital signature). And I'm sure they [the bad dudes] will find a way to bypass it: each time the script runs, "check for an update" and run the downloaded code without saving it. But what can be the real solution to prevent the scripting system from allowing these kind of problems? Who will the users _tend_ to blame for an infection from a digitally signed, assured-as-secure script? The comitee, of course.

This would also create an intertial behavior (users tending to do something because they got used to) like when I click "No" to all the would-you-like-to-set-this-page-as-your-homepage dialogs in IE, but most likely answering yes to a would-you-like-to-authorize-this-script dialog because it would be overwhelming and they want to check out what all this marvelous script they got is about.

You proposed several other, simpler alternatives which I liked a lot more, and I consider very more effective without sacrificing a sensible versatility amount in the scripting system.

What do y'all think?