On Fri, 16 Mar 2012 12:39:31 -0700 Jonas Sicking wrote:

> As I've stated, I don't want to force app developers to have to have their
> code inspected by stores, nor do I want to force stores to review
> developers' code. And if a code review hasn't happened I don't see what
> signing the code buys anyone.

It means that what the signer intends, if the source is secure, you receive, no more no less, no matter the transport mechanism.

> Instead I want stores to verify that they can trust a developer
> through things like contractual means and restricting which set of
> privileges they give an app. It has also been suggested that stores
> should be able to require certain technical security measures from the
> app, like EV Certs and/or certain CSP policies. This sounds like great
> ideas to me. Likewise, it would likely be a good idea to have minimum
> requirements on stores that they use things like EV Certs and CSP
> policies.

EV Certs are a laughing stock in security circles, likely just made up to make money by CAs. It's unfortunate that browsers jumped on the bandwagon. Have you never met a dodgy accountant? ALL it achieves is to encourage users to have a false sense of security in a dodgy website rather than considering if they trust the source (domain/author). It also means a spoofed chrome green bar or alternating green bar can fool users into entering data over plain text.

_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security