I've been reading up on ClickOnce and it is a very useful thing for easily deploying simple winforms app over the web (like an applet). This MSDN article followed by this FAQ are great overviews to understand it. It also helps having Shawn Farkas only two doors down the hallway ;) [Update:] And there's a ClickOnce Team blog.

As an end-user, the things I like most about ClickOnce are:

• It's secure, and the sandbox is large enough that you can still do interesting things. It helps that there are things like IsolatedStorage (which give you application-specific files) and SafeTopLevelWindow UI Permissions.
• If I stay in the sandbox (eg, don't require additional permissions outside the default permission set for the internet zone), then the install and run experience is seamless, no hassle, and secure. I can sleep well at night knowing an app in the sandbox can't take over my system.
• It gives me a super-easy way to deploy simple winforms (or console) apps over the web.
• It let me optionally add an item to my start-menu. If it does this, it's also good about letting me run it offline and checking for updates.
• It caches the files locally. (Not having to hit the network every time gives me a warm fuzzy feeling)
• It also handles updates.
• It doesn't require any changes to my code. For example, my winforms app doesn't need to derive from a special base class, implement a special interface, or get marked up with special attributes.
• It's all exposed in a nice VS UI. (See the "Publish" tab in project settings).

As I said earlier, I'm not even close to a security expert, and I think I've just said everything I know about ClickOnce. If you want to know more about it, check out Shawn's Click-once category.