Being a windows phone developer I must say that the Mango platform update has me very excited (except a 30min and 15 second agent restriction leaves me underwhelmed – but that’s another story).
One aspect of Mango that Microsoft have announced is the inclusion of two new market distribution models those being Beta and private distribution.
The private distribution model has been signalled as a let down for enterprises. This post details the perceived shortcomings: http://blog.wpfwonderland.com/2011/04/15/mango-adds-beta-and-private-marketplaces-to-windows-phone-7-and-neglects-enterprise/
As this post mentions the idea that you can’t restrict the use of the application to a set of users rules out the private model for enterprise distribution.
In my opinion the enterprise has been supported from day one all that you have to do is consider the mechanisms that you are going to use to stop anybody from making use of your enterprise application.
If you consider the fact that your code can gain access to the devices unique identifier then you will be able to identify the device that your code is running on.
Consider this scenario that uses a workflow similar to how SSL certificates are issued to servers:
- A phone user downloads the application.
- The user starts the application. The application asks the user for the Key that the company has provided via email (Thankfully we now have cut/paste to copy the key to the clipboard).
- At this point the user does not have access to the key as this is the applications 1st run, so the user is presented with another button that will generate the key request (this should always be present until the application has received a valid key)..
- The key is generated by code it will incorporate the devices unique identifier. This code is hashed and can be decoded by the companies systems.
- Once the key has been generated the app launches a new email with the key included in the text. The email is addresses to the right email address.
- The company receives the email from the phone user and verifies the email address that the request has come from.
- A key that will unlock the application is generated and sent to the originating email address.
- Once the user has the key they can enter it into the application and away they go.
I know this isn’t perfect and you can probably pick a million holes in it (feel free to do so by posting a comment) but it does illustrate that rather than wait for the distribution channels to be created you can always work around them.
Someone did point out that marketplace certification may be a sticker here . You would have to let the Microsoft testers know about the process via adding notes into the application submission.