Line 52: | Line 52: | ||
To be clear, the key used for these signatures is not required to be one purchased from a trusted CA, it can be a self-signed key. In the SSL case, a trusted CA is a necessary intermediary to establish domain ownership and prevent man-in-the-middle attacks. In this case, however, we can verify the authenticity of the update signing key by comparing it with the one stored in the initial install, a trusted intermediary is not required. | To be clear, the key used for these signatures is not required to be one purchased from a trusted CA, it can be a self-signed key. In the SSL case, a trusted CA is a necessary intermediary to establish domain ownership and prevent man-in-the-middle attacks. In this case, however, we can verify the authenticity of the update signing key by comparing it with the one stored in the initial install, a trusted intermediary is not required. | ||
The private key is then used to sign the contents of the update manifest | The private key is then used to sign the contents of the update manifest as an additional property of the update manifest will contain the signature. | ||
* Need to provide tools to make this simple, possibly an xulrunner app. | * Need to provide tools to make this simple, possibly an xulrunner app. |
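Review bot: The rewritten sentence on the right-hand side ("The private key is then used to sign the contents of the update manifest as an additional property of the update manifest will contain the signature.") is a run-on, and it leaves unclear what is actually signed. A signature stored as a property of the manifest cannot cover itself, so the text should say that the signature is computed over the manifest contents with the signature property excluded. Suggested wording: "The private key is then used to sign the contents of the update manifest, excluding the signature itself. The signature is stored as an additional property of the update manifest." The unchanged paragraph above it says the update signing key is verified by comparing it with the one stored in the initial install. It would help to state here that the client checks the manifest signature against that stored key before acting on the manifest.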