[Project_owners] XPI install still vulnerable to MITM attacks on mozdev.org

Scott sgrayban at gmail.com
Wed Jul 18 11:11:22 PDT 2007

David Boswell wrote:
> I think it makes the most sense for mozdev to follow AMO's policy in
> this matter.  This will benefit project owners because they won't need
> to worry about dealing with two separate systems for installations and
> downloads.  
> I also don't think we have been reluctant to implement this feature. 
> We've evaluated using the mozdev cert for downloads and installations
> and decided that this is unnecessary.  For some background, this issue
> came up earlier this year and we decided it wasn't needed then as well.
> Evaluate code-signing certificate for XPI downloads
> https://www.mozdev.org/bugs/show_bug.cgi?id=15482 
> I can understand if there is disagreement about this matter because it
> is complicated and AMO's policy about this is changing right now as
> well.  I suggest we keep tracking this and change our plans as needed.

What is wrong with getting all the developers to either buy a code
signing cert or a generating a self-signed cert and using that to sign
both the updates.rdf and the XPI when they build the XPI file?

That would make all these issues go away in a flash. I already sign my
XPI's and signing the updates.rdf wouldn't be so difficult.

- Scott

More information about the Project_owners mailing list