103
edits
Talk:Extension Manager:Addon Update Security: Difference between revisions
Talk:Extension Manager:Addon Update Security (view source)
Revision as of 00:31, 3 July 2007
, 3 July 2007Non-conforming Add-ons
(→No more «version bumping» ?: Initial comment) |
(Non-conforming Add-ons) |
||
| Line 2: | Line 2: | ||
What about already-existing extensions whose code (I'm talking of the fundamentals here, not about signing, hashing, or even "declared" version compatibility) happens to be already compatible with Fx3 / Tb3 / Sm2 / etc.? What about existing extensions, possibly tested with Minefield, which already declare themselves "compatible with Fx3" but include no crypto signature? What about the well-known practice of «version bumping» (unzip the xpi, change the maxVersion upwards, don't change anything else, rezip)? [[User:Tonymec|Tonymec]] 18:04, 1 July 2007 (PDT) | What about already-existing extensions whose code (I'm talking of the fundamentals here, not about signing, hashing, or even "declared" version compatibility) happens to be already compatible with Fx3 / Tb3 / Sm2 / etc.? What about existing extensions, possibly tested with Minefield, which already declare themselves "compatible with Fx3" but include no crypto signature? What about the well-known practice of «version bumping» (unzip the xpi, change the maxVersion upwards, don't change anything else, rezip)? [[User:Tonymec|Tonymec]] 18:04, 1 July 2007 (PDT) | ||
== Non-conforming Add-ons == | |||
I understand why add-ons that provide update functionality must do so securely, but why does this proposal require that add-ons provide update functionality?--[[User:Np|Np]] 17:31, 2 July 2007 (PDT) | |||