On Aug 6, 2014, at 8:50, Jonas Sicking <[email protected]> wrote:

> On Tue, Aug 5, 2014 at 4:12 AM, Anne van Kesteren <[email protected]> wrote:
>> On Thu, Jun 26, 2014 at 2:17 PM, Anne van Kesteren <[email protected]> wrote:
>>> On Wed, Jun 18, 2014 at 8:28 PM, Jonas Sicking <[email protected]> wrote:
>>>> However if we can enable developers to sign their own applications,
>>>> rather than having to have them signed by the marketplace, then that
>>>> would still mean that developers could roll out updates as quickly as
>>>> web developers do today. I.e. no need to wait for review from a
>>>> marketplace.
>>>
>>> Could you elaborate on this? I thought part of the point of allowing
>>> certain features to be used was that we could inspect the code and
>>> make sure nothing malicious was going on. Do we actually secure things
>>> in a different way?
>>
>> Still interested in this.
>
> *If* we enable developer signing, the idea would be that we somehow
> verify that a developer is a "good guy", rather than doing the current
> verification that the app is a "good app".
>
> This could be done by for example requiring the developer to sign some
> form of contract, and make sure they know what the UX/privacy/other
> requirements are for the various APIs, and make it clear that we'll
> revoke access if those requirements aren't met.
>
> So very fluffy ideas. I'm always looking for better solutions if you have
> ideas.

Has only exposing a predefined and limited set of APIs at runtime been considered?

This would allow developers to ship self-signed updates as long as they kept within the bounds of the API surface they initially defined. They could go beyond those bounds, of course, but APIs would just throw or noop.

Changing these permissions would need extra approval by Mozilla (or other third parties trusted by the user) and end-users would be alerted to the new capability requirements of the app on update.

Thoughts?

--tobie

_______________________________________________
dev-b2g mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-b2g
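
The update check and runtime gate proposed in the message above, as an added example that is not part of the original thread or of any Mozilla code. The manifest shape follows the Open Web App `permissions` object; the function names, the `ACCESS_OPS` table and the sample manifests are assumptions made for illustration.

```javascript
// Added example: hypothetical helpers, constructed sample manifests.
const ACCESS_OPS = {
  readonly: ['read'], createonly: ['create'],
  readcreate: ['read', 'create'], readwrite: ['read', 'create', 'write'],
};
// Own-property lookup so names like "toString" cannot match Object.prototype.
const own = (o, k) => (Object.prototype.hasOwnProperty.call(o, k) ? o[k] : undefined);

// Operations a manifest entry grants; unknown access strings match only themselves.
function ops(entry) {
  if (entry.access === undefined) return ['use'];
  return ACCESS_OPS[entry.access] || ['unknown:' + entry.access];
}

// Permissions the proposed manifest requests beyond the approved one,
// counting broader access to an already-approved API as an escalation.
function addedCapabilities(approved, proposed) {
  const base = approved.permissions || {};
  return Object.entries(proposed.permissions || {})
    .filter(([name, req]) => {
      const old = own(base, name);
      return !old || !ops(req).every((op) => ops(old).includes(op));
    })
    .map(([name]) => name)
    .sort();
}

// Update-time decision: self-signed updates inside the approved surface install
// directly; anything wider is held for third-party approval and a user prompt.
function evaluateUpdate(approved, proposed) {
  const added = addedCapabilities(approved, proposed);
  return { action: added.length ? 'hold-for-approval' : 'install', added };
}

// Runtime gate built from the approved manifest, never the shipped one, so an
// update that reaches past its bounds gets an exception instead of the API.
function makeApiGate(approved) {
  return (name, op, fn) => {
    const entry = own(approved.permissions || {}, name);
    if (!entry || !ops(entry).includes(op)) {
      throw new Error(`SecurityError: ${name}:${op} is outside the approved surface`);
    }
    return fn();
  };
}

const approvedV1 = { permissions: { contacts: { access: 'readonly' }, geolocation: {} } };
const updateV2 = { permissions: { contacts: { access: 'readonly' } } };
const updateV3 = { permissions: { contacts: { access: 'readwrite' },
                                  'device-storage:pictures': { access: 'readonly' } } };
console.log(evaluateUpdate(approvedV1, updateV2), evaluateUpdate(approvedV1, updateV3));
```

The property that carries the security weight is that both the diff and the gate read the previously approved manifest, so a self-signed update cannot widen its own surface by editing the manifest it ships.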
