[Project_owners] XPI install still vulnerable to MITM attacks on mozdev.org

Pete Collins pete at mozdevgroup.com
Wed Jul 18 05:44:12 PDT 2007

> and the one most easily supported without requiring developers 
>get code-signing certs.
If you are serious about security and your extension/add-on, then you 
would get a code signing cert.

The best protection we have right now for extension security is to sign 


Pete Collins - Founder, Mozdev Group Inc.
Mozilla Software Development Solutions
tel: 1-719-302-5811
fax: 1-719-302-5813

More information about the Project_owners mailing list