On Sat, Apr 11, 2015 at 11:53 PM, Tim Guan-tin Chien <[email protected]> wrote: > I might be able to put up something next week.
As promised, this is my alternative proposal in written. https://wiki.mozilla.org/User:Timdream/New_new_security_model I intentionally kept the format of the original wiki, and only write the part that would change, i.e. how trusted contents is delivered and verified. The proposal mainly revolves around removing coupling between signing and deploy & update, so developers are free to use any of the technologies for deploy and update available to the general Web, and only care about how to deliver the signature file when she/he need to enable Gecko to trust the signed content. Tim _______________________________________________ dev-b2g mailing list [email protected] https://lists.mozilla.org/listinfo/dev-b2g
