--- Andrew Archer <[EMAIL PROTECTED]> wrote: > I'm curious to know how the keys will be kept secure.
The wouldn't be any keys in an online version. It would work like this: 1. User uploads XPI to http://mozdev.org/mccoy 2. mozdev.org generates hash of uploaded XPI 3. mozdev.org unzips XPI, inserts the <em:updateHash/> into install.rdf, re-zips XPI, sends XPI back to user as a file download http://developer.mozilla.org/en/docs/Extension_Versioning,_Update_and_Compatibility#Update_Hashes ____________________________________________________________________________________ Looking for last minute shopping deals? Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping _______________________________________________ Project_owners mailing list [email protected] https://www.mozdev.org/mailman/listinfo/project_owners
