canmove, Confirmed users
1,570
edits
Talk:Extension Manager:Addon Update Security: Difference between revisions
Talk:Extension Manager:Addon Update Security (view source)
Revision as of 20:09, 9 July 2007
, 9 July 2007→Update Scenarios
| Line 27: | Line 27: | ||
****''It'' [update.rdf] ''will be retrieved if the add-on has provided a public key for the purposes of verifying the digital signature in the update manifest.'' Doesn't this create a chicken-and-egg problem? I'm assuming by "update manifest" you mean update.rdf. If so, how will FF know if a public key has been provided in the update manifest if it can't retrieve it? | ****''It'' [update.rdf] ''will be retrieved if the add-on has provided a public key for the purposes of verifying the digital signature in the update manifest.'' Doesn't this create a chicken-and-egg problem? I'm assuming by "update manifest" you mean update.rdf. If so, how will FF know if a public key has been provided in the update manifest if it can't retrieve it? | ||
***** The public key is available in the already installed add-on. I believed that [[User:Mossop:Fx-Docs:AddonUpdateSecurity#Securing_Update_Manifests_Through_Digital_Signatures]] was reasonably clear on that. Possibly you could suggest a rewording that makes it clearer? | |||
2. Suppose install.rdf contains an em:updateURL of https://foo.com/update.rdf. When FF retrieves the resource at https://foo.com/update.rdf, FF will install the update even if no em:updateHash element exists (assuming there are no problems with the certificate for foo.com). If, however, em:updateHash does exist, it is checked for validity against the update. | 2. Suppose install.rdf contains an em:updateURL of https://foo.com/update.rdf. When FF retrieves the resource at https://foo.com/update.rdf, FF will install the update even if no em:updateHash element exists (assuming there are no problems with the certificate for foo.com). If, however, em:updateHash does exist, it is checked for validity against the update. | ||