canmove, Confirmed users
1,570
edits
Extension Manager:Addon Update Security:Signature: Difference between revisions
Extension Manager:Addon Update Security:Signature (view source)
Revision as of 22:38, 24 April 2008
, 24 April 2008→Update Public Key
| Line 5: | Line 5: | ||
In order to verify the signature in the update manifest, a public key is required. This must be included in the original add-on xpi. Including the key in the install.rdf makes checking for a key on install and retrieving the key at update time easier than the alternative option of including it as a file in the xpi. | In order to verify the signature in the update manifest, a public key is required. This must be included in the original add-on xpi. Including the key in the install.rdf makes checking for a key on install and retrieving the key at update time easier than the alternative option of including it as a file in the xpi. | ||
The | The SubjectPublicKeyInfo sequence (as defined in RFC 3280 and elsewhere) shall be DER encoded and then base64 encoded for inclusion as an em:updateKey resource in the install manifest. An example of this is below: | ||
<pre> | <pre> | ||