What can a ClickOnce application in an Internet Zone sandbox expect to get away with?

Question

We have an application that we want to make available to the general internet-using public with as few clicks as possible. I'm investigating whether we can use ClickOnce to avoid the confirmation dialog that our existing alternatives entail.

My research so far indicates that this ought to be possible as long as (a) the application is AuthentiCode signes, and (b) it comes with a manifest that request a sufficiently innocuous set of permissions.

Where can I find a detailed, authoritative list of which permissions are "sufficiently innocuous" to avoid the confirmation dialog? I've clicked around on MSDN without locating anything that looks relevant.

I've found some information which as far as I understand it says that the permissions granted to Internet Zone applications by default were user-configurable prior to .net 4.0 (i.e. for XP and Vista), but that in later version they are hard-coded in the "host" (by which I assume is meant the web browser?). But even if that is true, I'll need to know that the default default Internet Zone permissions in XP and Vista are, as well as what the hardcoded permission sets in Windows 7 is.

I'm not very knowledgeable about .net so it is possible that I'm approaching this from a completely wrong perspective. If so, please let me know what the right perspective is. (However, I don't need any lectures about the propriety of wanting to run without a confirmation dialog -- you would be preaching to the choir, but that decision is not mine to make).

Answer 1

A coworker found an MSDN page <trustInfo> Element (ClickOnce Application), containing something that purports to be the answer:

The first example illustrates the trustInfo element for the default permissions available in the Internet security zone.

It could be more authoritative, but it's better than nothing.