On 06/02/2010 15:04, Eddy Nigg wrote:
Isn't it about time that extensions and applications get signed with verified code signing certificates? Adblock Plus is doing for a while now I think, perhaps other should too?
I don't know if more details are available than have been published so far, but I don't see how code signing would have helped. Unless I'm missing something code signing just confirms that the code comes from whoever signed it. How does a certificate prevent someone signing malicious code?
Michael _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
