Justin Dolske wrote on 1/4/2009 9:48 PM: > The update check, which happens over SSL, includes a hash in the reply. > When the update is then downloaded (without SSL), the data is checked > against the hash from the update check. If the data was tampered with, > the hash won't match and the bad update won't be applied.
Which hash algorithm is used? - Bil _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security