On Thursday 12 May 2005 05:17, Anthony G. Atkielski wrote:
> Jean-Marc Desperrier writes:
> > Alternate solution: An established list of "tier 1" essential extensions
> > that you can trust fully for that level of attention.
>
> If they are essential, they should not be extensions.

Perhaps "routine extensions" then.

> Any technology that allows for extensions is a security risk. If I want
> an expandable, bloated mess of a security risk, I'll run MSIE.

Right. But this is a fairly extreme and non-representative statement - most users will agree with it only in absence of an offering of a good extension. As extensions are offered, people will try them. People will always take on a little extra risk to get a lot of extra functionality.

Powerful and popular applications like browsers will always end up with extensions of some form and without a proper security arrangement (like caps or even Java sandboxing) then a shared trust scenario is inevitable.

Most of the risk will be covered by getting a recommendation from a trusted source - such as a friend or known expert, or a site that is well known or affiliated like mozdev. Everyone here would probably be quite happy to download and install trustbar or petname because they've seen and heard about it here - that speaks volumes.

(Signing can add a little to that, mostly in authenticating the correct product as is done by patch hashes. Hashes are wondrous things in this context because they give you most of what a public key sig gives you but without the headache of certs.)

iang
--
http://iang.org/