78
edits
Notary: Difference between revisions
Jump to navigation
Jump to search
→Notes
m (→Notary: fixing typo) |
(→Notes) |
||
| Line 110: | Line 110: | ||
I think those are the only two. So there should be two cols, with those ids. | I think those are the only two. So there should be two cols, with those ids. | ||
==ZIP files== | |||
The [http://www.xulplanet.com/references/xpcomref/ifaces/nsIZipReader.html zipreader] is too basic for what we need. Thankfully, someone took the initiative and wrote a [http://blog.mozilla.com/rob-sayre/2007/05/03/new-scriptable-zipwriter-component/ zipwriter], which I am hoping to use. I haven't been able to compile it yet. | |||
==XPCOM and NSS== | |||
XPCOM has some limitations right now in regards to security and nss. While I have been able to display and retrieve CA certificates, that has only been a small part of the process, and perhaps the easiest part as well. The problem I will be facing is signing an xpi, in which there are no XPCOM components to create the zigbert.sf or sign the extension. | |||
There are a few possible workarounds, starting with most desirable : | |||
# Use [http://www.mozilla.org/projects/security/pki/psm/ PSM] | |||
# Do some C++ to work with NSS' API (can I do this?) and build on top of PSM | |||
# use nsIProcess to call each tool | |||
The last one being probably the least amount of work, but where's the fun in that? PSM documentation also scattered. Some parts seem to be in XULPlanet. | |||
==Public Key Encryption== | |||
Maybe this doesn't belong here, but whatever. Public key encryption, as I found out today can work too ways. The method I learned was how users [http://developer.mozilla.org/en/docs/Introduction_to_Public-Key_Cryptography#Public-Key_Encryption send encrypted information to websites]. It turns out that public key encryption can work the other way too. The private key can be used to encrypt the data, and the public key can be used to decrypt. This is how certificates work. The CA uses their private key to encrypt the data and openly releases their public key. The browser uses the public key to decrypt. Thankfully I came across a very.. [http://developer.mozilla.org/en/docs/Introduction_to_Public-Key_Cryptography thorough explanation] of public key cryptography. | |||
=Feedback= | =Feedback= | ||
I appreciate any comments/suggestions/criticisms. But please post anything in the discussion page. | I appreciate any comments/suggestions/criticisms. But please post anything in the discussion page. | ||