-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello,
We are in the process of defining and review the process we use for generating and revoking receipts. This is a complicated process that involves signing with a Hardware Security Module. Please take a look at the spec that we have so far and give any feed back you have. I have included the architect of the spec and developers who are responsible for implementing if you have any questions. Let's have a discussion on how we can make this as secure as possible. I will keep the wiki updated from this discussion. https://wiki.mozilla.org/Apps/WebApplicationReceipt/GenerationService thanks! - -Raymond -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJPc1BvAAoJEIGR7m2TZLSD8QEIAJX7V9AgbhSrqs/gvkW6OpoA Y9ic94jxZ6uYJpXJj7XHH0KPDNBSKq8vlOSckuX3fUBqKi4sD9Mm/lsehZblM5vf 1BaKk+36mgJ4x7VwhpDXEhArmVBxcwKm0uXBLVJr/TTxPG7TkAE4OZi1dram9g5t wM0yMCrCoNvZe//UvRg3Avrldafru2MJ2bFoVm1lN/hNylih8WTyccMv6DkDvPAt DBb31VPVhKh8TCmJrMBKxuHQD82zbAq5f3qRXlQHHqv1Saw9jolxew8oITpVf84Z yfaLYjyKqS6JIgmUyUmG9OEefPN72Y6FBjClGrQ0K+Lq/fIhoIsm2yReoE8iEdY= =FYIO -----END PGP SIGNATURE----- _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
