Firefox security status
Posted Jun 7, 2007 10:59 UTC (Thu) by ekj
Parent article: Firefox security status
The Mozilla mechanism is insane though. Requiring updates to be served from SSL sites has numerous drawbacks; for example, it requires you to have a server on a separate IP address, which costs extra for many using shared hosting. And it requires you to purchase an SSL certificate, which is also extra hassle for no benefit whatsoever.
There exists a well-tested, secure, easily implementable, no-server-impact solution for installing updates, while being certain that they come from who they claim to come from. It's called a digital signature. Package managers have had them for years.
Sign packages, ask on first installation of a module if you also want the issuer to provide updates; if yes, auto-install updates, but only if they have a good signature from the same developer.
This also allows you to get the update packages from anywhere, so it allows mirroring of plugin update sites without sacrificing security, something that is NOT possible with the "use only HTTPS" solution.
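The scheme the comment describes (pin the developer's key at first install, then accept updates from any source only when that key signed them) is sketched below as an added example; it is not part of the comment and not Firefox's update code. The `TrustStore` type, the add-on name, the keys and the package bytes are all hypothetical or constructed, and Ed25519 is an assumed choice of signature algorithm.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// ErrUntrusted is returned for any package the pinned developer key did not sign.
var ErrUntrusted = errors.New("package not signed by the pinned developer key")

// TrustStore maps an add-on name to the key accepted at first install (hypothetical type).
type TrustStore map[string]ed25519.PublicKey

// Install verifies the first package and pins the developer key the user accepted.
func (t TrustStore) Install(addon string, pub ed25519.PublicKey, pkg, sig []byte) error {
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, pkg, sig) {
		return ErrUntrusted
	}
	t[addon] = pub
	return nil
}

// Update takes bytes from any source (origin site, mirror, plain HTTP) and
// accepts them only if the key pinned at install time signed them.
func (t TrustStore) Update(addon string, pkg, sig []byte) error {
	if pub, ok := t[addon]; !ok || !ed25519.Verify(pub, pkg, sig) {
		return ErrUntrusted
	}
	return nil
}

// scenario runs four constructed cases and returns the result of each.
func scenario() (install, mirror, tampered, foreign error) {
	devPub, devPriv, _ := ed25519.GenerateKey(nil) // constructed developer key
	_, otherPriv, _ := ed25519.GenerateKey(nil)    // constructed unrelated key
	v1, v2 := []byte("sample-addon 1.0"), []byte("sample-addon 1.1")
	store := TrustStore{}
	install = store.Install("sample-addon", devPub, v1, ed25519.Sign(devPriv, v1))
	sig := ed25519.Sign(devPriv, v2)
	mirror = store.Update("sample-addon", v2, sig) // same bytes, fetched from a mirror
	tampered = store.Update("sample-addon", append([]byte("x"), v2...), sig)
	foreign = store.Update("sample-addon", v2, ed25519.Sign(otherPriv, v2))
	return
}

func main() {
	fmt.Println(scenario())
}
```

The check authenticates origin only: an older package signed by the same key still verifies, so an updater built this way would also need to sign and compare a version number to refuse downgrades.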