MozillaWiki

Extension Manager:Addon Update Security:Signature: Difference between revisions

Page Discussion

Extension Manager:Addon Update Security:Signature (view source)

Revision as of 11:06, 24 August 2007

8 bytes removed ,  24 August 2007
→‎Algorithms and Key Types
No edit summary
Line 481: Line 481:


In order to make this work we must choose an appropriate key type and hashing algorithm for generating the digital signature. As far as the implementation goes this choice is largely irrelevant. So long as NSS supports the choice it is a trivial change to make the code work.
In order to make this work we must choose an appropriate key type and hashing algorithm for generating the digital signature. As far as the implementation goes this choice is largely irrelevant. So long as NSS supports the choice it is a trivial change to make the code work.
=== Key Type ===
* RSA
* DSA
Must also consider key size.


=== Hashing Algorithm ===
=== Hashing Algorithm ===
Line 500: Line 493:
* SHA512
* SHA512


If we select SHA1 as the hashing algorithm then either key type can be chosen, indeed it would not be necessary to standardise on the key type at all, the key type can be detected from the key specified in the install.rdf file.
Since we have no need to support older apps or anything we should probably just choose SHA512 as being the strongest hashing method we have available right now.
 
=== Key Type ===
 
* RSA
* DSA
 
Since DSA cannot be used with the SHA512 hashing algorithm we should use RSA key types.
Mossop
canmove, Confirmed users
1,570

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/66613"