On Aug 1, 2014, at 2:34 AM, Stéphanie Ouillon <[email protected]> wrote: > For specific reasons detailed below [3], we need to support a signature > model compatible with the Android model [4]. Until now, the Marketplace > has been using the same tools/model. > > If we're to support developer signing, we can imagine several models: > > 1) handling multiple signatures: the app is signed twice, once by the > developer and once by the Marketplace (e.g.: having two manifest files > in META-INF signed by each key)
Signing twice would seem to be the simplest, since it doesn’t need any trust between the Marketplace and the developer. The signing by the Marketplace indicates a different thing (Mozilla approves this app) from the Developer signing (that over a period of release we can trust the app is from the some developer). Would the Marketplace be expected to do anything with that developer signing - for example, check that the signing is by certain trusted developers, or stays the same over time or anything else? Are there limits on the types of apps that could be signed, e.g.: only Packaged apps? Andy _______________________________________________ dev-b2g mailing list [email protected] https://lists.mozilla.org/listinfo/dev-b2g
