[Project_owners] Secure installation using InstallTrigger()

Douglas E. Warner silfreed at silfreed.net
Mon Nov 19 18:40:14 PST 2007


On Monday 19 November 2007, Michael Vincent van Rantwijk, MultiZilla wrote:
> and that sounds promising, but what exactly is he referring to with: "a
> project downloads" and "served from an HTTPS site" ?

"project downloads" refers to files that are available for downloading for a 
project (files in the downloads/ folder).

"served from an HTTPS site" means that the InstallTrigger() link will be 
served from an HTTPS site (https://www.mozdev.org/__something__).  The actual 
file will still be served from our regular mirror network (HTTP, non-SSL), 
but since the hash is served from a secure location the file can be properly 
verified.

-Doug
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://www.mozdev.org/pipermail/project_owners/attachments/20071119/4183723c/attachment.bin 


More information about the Project_owners mailing list