12
edits
Talk:Extension Manager:Addon Update Security: Difference between revisions
Jump to navigation
Jump to search
m
Talk:Extension Manager:Addon Update Security (view source)
Revision as of 20:26, 9 July 2007
, 9 July 2007→Update Scenarios
| Line 26: | Line 26: | ||
***There are two possibilities. It will be retrieved if the add-on has provided a public key for the purposes of verifying the digital signature in the update manifest. It would also be retrieved for older extensions not yet compatible with Firefox 3 which have not yet been updated to meet the security requirements. Otherwise no it would not be retrieved. --[[User:Mossop|Mossop]] | ***There are two possibilities. It will be retrieved if the add-on has provided a public key for the purposes of verifying the digital signature in the update manifest. It would also be retrieved for older extensions not yet compatible with Firefox 3 which have not yet been updated to meet the security requirements. Otherwise no it would not be retrieved. --[[User:Mossop|Mossop]] | ||
****''It'' [update.rdf] ''will be retrieved if the add-on has provided a public key for the purposes of verifying the digital signature in the update manifest.'' Doesn't this create a chicken-and-egg problem? I'm assuming by "update manifest" you mean update.rdf. If so, how will FF know if a public key has been provided in the update manifest if it can't retrieve it? | ****''It'' [update.rdf] ''will be retrieved if the add-on has provided a public key for the purposes of verifying the digital signature in the update manifest.'' Doesn't this create a chicken-and-egg problem? I'm assuming by "update manifest" you mean update.rdf. If so, how will FF know if a public key has been provided in the update manifest if it can't retrieve it? --[[User:Grimholtz|Grimholtz]] | ||
***** The public key is available in the already installed add-on. I believed that [[User:Mossop:Fx-Docs:AddonUpdateSecurity#Securing_Update_Manifests_Through_Digital_Signatures]] was reasonably clear on that. Possibly you could suggest a rewording that makes it clearer? | ***** The public key is available in the already installed add-on. I believed that [[User:Mossop:Fx-Docs:AddonUpdateSecurity#Securing_Update_Manifests_Through_Digital_Signatures]] was reasonably clear on that. Possibly you could suggest a rewording that makes it clearer? --[[User:Mossop|Mossop]] | ||
****** It reads well. It's the wording above (in this thread) that confused me. I thought you were writing that the public key is included in the update.rdf. However, based on the link you provided, it's clear that's not what you meant. It sounds like the public key will be in install.rdf or in some other file packaged in the XPI... perhaps it can be specified as a URL in install.rdf so we can publish the public key in a public place instead of hiding it in the XPI. Anyway, thanks for the clarification and good luck with the implementation. --[[User:Grimholtz|Grimholtz]] 13:26, 9 July 2007 (PDT) | |||
2. Suppose install.rdf contains an em:updateURL of https://foo.com/update.rdf. When FF retrieves the resource at https://foo.com/update.rdf, FF will install the update even if no em:updateHash element exists (assuming there are no problems with the certificate for foo.com). If, however, em:updateHash does exist, it is checked for validity against the update. | 2. Suppose install.rdf contains an em:updateURL of https://foo.com/update.rdf. When FF retrieves the resource at https://foo.com/update.rdf, FF will install the update even if no em:updateHash element exists (assuming there are no problems with the certificate for foo.com). If, however, em:updateHash does exist, it is checked for validity against the update. | ||