[Split off from 589830]
We should be able to override the public key used for trial token verification, through a push to client installs.
This enables us to change the key in case that is required (in case of a private key leak; for instance)
Having investigated different options for this, it seems that the Omaha component updater may be the best fit. We can provide a packaged crx file with an updated public key in the manifest, and have that key read from startup and update a command-line flag to be forwarded to all new renderers.
(Routing this through the command line also allows developers to easily test with their own custom origin trial keys)
Comment 1 by iclell...@chromium.org
, Apr 14 2016