235
edits
Community:SummerOfCode07: Difference between revisions
revert Roly's changes
m (→Firefox/Gecko) |
(revert Roly's changes) |
||
| Line 17: | Line 17: | ||
| style="background-color: #efefef;" | '''Comments''' | | style="background-color: #efefef;" | '''Comments''' | ||
|- | |- | ||
| valign="top" | Implement link fingerprints | | valign="top" | Implement link fingerprints | ||
| valign="top" | Link fingerprints are a method of making an HTTP or HTTPS URL reference not only a particular resource, but a particular version of that resource, in a way that the fetching client can validate. This would make it harder (not impossible) for crackers to change downloadable software packages without any user (and the site owner) noticing it. Further details can be found in [http://www.gerv.net/security/link-fingerprints/ the proposal by Gervase Markham], Gerv's [http://weblogs.mozillazine.org/gerv/archives/2007/03/wordpress_download_tarball_com.html blog post about the recent Wordpress tarball attack] and [https://bugzilla.mozilla.org/show_bug.cgi?id=292481 bug 292481] | | valign="top" | Link fingerprints are a method of making an HTTP or HTTPS URL reference not only a particular resource, but a particular version of that resource, in a way that the fetching client can validate. This would make it harder (not impossible) for crackers to change downloadable software packages without any user (and the site owner) noticing it. Further details can be found in [http://www.gerv.net/security/link-fingerprints/ the proposal by Gervase Markham], Gerv's [http://weblogs.mozillazine.org/gerv/archives/2007/03/wordpress_download_tarball_com.html blog post about the recent Wordpress tarball attack] and [https://bugzilla.mozilla.org/show_bug.cgi?id=292481 bug 292481] | ||