[Project_owners] Secure Updates for Firefox 3

Douglas E. Warner silfreed at silfreed.net
Wed Jul 18 11:18:36 PDT 2007


On Wednesday 18 July 2007, Scott wrote:
> So how will signing just the updates.rdf be a better way then?
>
> Let's just assume that at some point a hacker figures out a way to
> bypass that little bit of info, which is entirely possible, and sends a
> botnet addon in its place?
>
> I just do not see how just signing the RDF will make anything *safer*.
> If you want real security then I would implement signing both files.
> That would guarantee that everything is coming from the right place and
> person.

Signing both the updates.rdf and the XPI *is* better; the proposal is focused 
on the updates process since *that* is the easiest exploit.

Please read the proposal for details on why this is better/safer:

http://wiki.mozilla.org/User:Mossop:Fx-Docs:AddonUpdateSecurity
http://wiki.mozilla.org/User_talk:Mossop:Fx-Docs:AddonUpdateSecurity

-Doug