From MozillaWiki
Jump to: navigation, search

McCoy is a simple XULRunner based application that enables add-on authors to provide secure updates to their users. Specifically it focuses on the process of digitally signing update manifests so the client applications can verify the integrity of a manifest retrieved over normally insecure channels.


The goal of McCoy is to enable the secure hosting of add-on updates in as convenient a manner as possible.

Target Audience

The primary target audience of McCoy is add-on developers who for whatever reason SSL based hosting is not an option. Primarily we focus on single developers (teams generally being more likely to have access to funding to use SSL based security).

Release Milestones

Below are the release versions of McCoy. Milestones relate to the target milestone used in bugzilla for tracking the release.

Version Milestone Mercurial Tag Release Date
0.5 M1 MCCOY_0_5_RELEASE 17/09/2007
1.0 M2 Not Released


User Interface

The user interface guidelines give an overview of how the application is structured and what additional widgets are available.


Any bugs or feature enhancements should be filed in bugzilla. Open a bug. Current bugs.

Source Code

McCoy is available from Mozilla's Mercurial repository. You can check out the latest trunk version using the command:

 hg clone

See the release milestones above for the tags for various releases.

Read about how to build McCoy.