[Project_owners] code-signing certificates from mozdev?

Eric H. Jung eric.jung at yahoo.com
Sun Oct 22 18:44:31 PDT 2006


Created bug:
http://bugzilla.mozdev.org/show_bug.cgi?id=15482


----- Original Message ----
From: HJ van Rantwijk <bugs4hj at aim.com>
To: project_owners at mozdev.org
Sent: Sunday, October 22, 2006 12:42:34 AM
Subject: Re: [Project_owners] code-signing certificates from mozdev?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Eric H. Jung wrote:
> I agree with Michael that code-signing is the same as vouching that the extension is non-evil. It simply ensures that the code hasn't been tampered with.

I agree, and project owners using such MDO certificate should have some
sort of statement on their download/installation page about it, no?

> I'll open a bugzilla bug on it to track it, if you want?

Yes, I think we need one for tracking progress.

> It sounds like the timing is bad.

Timing is always bad it seems ;)

p.s. code signing was originally planned by MDO, but was later dropped
for unknown reasons (unknown to me/or I just forgot why).

/HJ
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)

iD8DBQFFOva6Rrb6S73JMeYRAuw+AKCHnCKr2txXNZGxCDqdvVzcex0GUwCgkcZF
TFMWdM9Q9VbRV+pgD9TV5MY=
=BuGh
-----END PGP SIGNATURE-----
_______________________________________________
Project_owners mailing list
Project_owners at mozdev.org
http://mozdev.org/mailman/listinfo/project_owners




-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mozdev.org/pipermail/project_owners/attachments/20061022/99d9e317/attachment.html 


More information about the Project_owners mailing list