Apps/Security/Distribution: Difference between revisions

* [[http://www.w3.org/TR/widgets-digsig/#author-signature Authors digitally-sign]] the package
* [[http://www.w3.org/TR/widgets-digsig/#distributor-signature Distributors digitally-sign]] the package ''and'' the author's signature.
"Stores" correspond to the W3C's definition of "Distributors"; authors correspond to the B2G concept of "app developer".
The only problem with the W3C XML Widget Digital Signature Standard is its immaturity. GNU/Linux distributions have been deploying chained signing for some considerable time and have a complete, decades-old architecture behind it, whereas the W3C's standard was only ratified in late 2011 and has very few actual implementations. Here is one implementation:
* http://docs.oracle.com/javase/6/docs/technotes/guides/security/xmldsig/XMLDigitalSignature.html
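The chained signing described in the list above, as an added sketch (not code from this page or from the W3C specification): the author signs the package, and the distributor signs the package digest together with the author's signature. It uses Ed25519 over raw bytes in place of the XML signature format, and `Bundle`, `Sign`, `Verify`, `distMessage` and `newKeys` are hypothetical names chosen for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Bundle is a constructed stand-in for a signed package (not the W3C XML format).
type Bundle struct{ Payload, AuthorSig, DistSig []byte }

// distMessage binds the payload digest to the author's signature.
func distMessage(payload, authorSig []byte) []byte {
	p := sha256.Sum256(payload)
	return append(p[:], authorSig...)
}

// Sign creates the author signature, then the distributor countersignature.
func Sign(payload []byte, author, dist ed25519.PrivateKey) Bundle {
	aSig := ed25519.Sign(author, payload)
	return Bundle{payload, aSig, ed25519.Sign(dist, distMessage(payload, aSig))}
}

// Verify checks the distributor link first, then the author link.
func Verify(b Bundle, author, dist ed25519.PublicKey) error {
	if !ed25519.Verify(dist, distMessage(b.Payload, b.AuthorSig), b.DistSig) {
		return errors.New("distributor signature invalid")
	}
	if !ed25519.Verify(author, b.Payload, b.AuthorSig) {
		return errors.New("author signature invalid")
	}
	return nil
}

func newKeys() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	return pub, priv
}

func main() {
	aPub, aPriv := newKeys()
	dPub, dPriv := newKeys()
	b := Sign([]byte("constructed package bytes"), aPriv, dPriv)
	fmt.Println("verify:", Verify(b, aPub, dPub))
}
```

Because the distributor's signature covers the author's signature, replacing the author signature with one from a different key breaks the distributor link even when the package bytes are unchanged.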


=== Trusted store with permissions delegation ===