On Thu, 15 Mar 2012 22:45:56 +0000 Ben Francis wrote:
> Web apps should be hosted, not packaged. How do you sign code that's
> constantly changing? Sometimes when web apps are updated there are
> different versions of resources on different nodes of a cluster behind a
> load balancer, or different versions of the app are rolled out to subsets
> of users at a time. How can you sign code in this environment?

Easily; what comes into question is the security of the private key, especially if you're running something like Joomla. Or is that what you meant: "How can you safely sign code in this environment?"

IMO, hosting is the same as packaging; you either upload a bit at a time or all at once, and signing doesn't prevent you from doing anything. You may, however, choose to check the code, perhaps even offline, and then sign it with a secure private key, like for the DNSSEC infrastructure.

As long as all files or package versions are signed, it doesn't matter. If you want, you can sign all files used, like Android .apks or .jars, whose contents are all individually signed, but even, if you like, without a package. Could mismatches then arise and cause stability or worse problems if a developer hasn't considered differing cache snapshots etc.?
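
The per-file signing described in this message, as an added example that is not part of the original post or of any Mozilla code: each resource is signed on its own, so it verifies no matter which node served it, while a set fetched across two releases still shows up as mixed. The payload layout (path, release label, SHA-256 digest), the function names and the sample resources are assumptions made for the example.

```javascript
// Added example: per-file Ed25519 signatures for hosted web-app resources.
const nodeCrypto = require('node:crypto');

// Constructed signing key; in practice the private key stays offline.
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');

// Sign one resource. The signed bytes bind path, release and content hash
// (this payload layout is an assumption made for the example).
function signResource(path, release, body) {
  const digest = nodeCrypto.createHash('sha256').update(body).digest('hex');
  const payload = Buffer.from(JSON.stringify({ path, release, digest }));
  const sig = nodeCrypto.sign(null, payload, privateKey).toString('base64');
  return { path, release, body, sig };
}

// Verify one resource as a client would after fetching it from any node.
function verifyResource(res) {
  const digest = nodeCrypto.createHash('sha256').update(res.body).digest('hex');
  const payload = Buffer.from(
    JSON.stringify({ path: res.path, release: res.release, digest }));
  return nodeCrypto.verify(null, payload, publicKey, Buffer.from(res.sig, 'base64'));
}

// Check a fetched set: every file must verify; report the releases seen.
function checkSet(resources) {
  const allValid = resources.every(verifyResource);
  const releases = [...new Set(resources.map((r) => r.release))].sort();
  return { allValid, releases, mixed: releases.length > 1 };
}

// Constructed sample: two nodes behind a load balancer, mid-rollout.
const nodeA = [signResource('/app.js', 'r1', 'init_v1();'),
               signResource('/ui.js', 'r1', 'draw_v1();')];
const nodeB = [signResource('/app.js', 'r2', 'init_v2();'),
               signResource('/ui.js', 'r2', 'draw_v2();')];

const consistent = checkSet(nodeA);                      // one release, all valid
const mixedFetch = checkSet([nodeA[0], nodeB[1]]);       // valid files, two releases
const tampered = checkSet([{ ...nodeA[0], body: 'init_v1();extra();' }]);
const relabelled = checkSet([{ ...nodeA[0], release: 'r2' }]);

console.log({ consistent, mixedFetch, tampered, relabelled });
```

Because the release label is inside the signed bytes, a cached r1 file cannot be passed off as r2; what the client does with a mixed set is a policy choice the signature itself does not make.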
