I didn't realize the XPI dialog I see is prompted *before* the download.

If the purpose is to protect the user from downloading insecure content, then signature cannot work.

I do not follow.

In the MS case, after the download I get the dialog asking me if I trust the signed content and want to use it.
I don't get a dialog before the download.

I think you are wrong. When you download one of these file types, IE reads in enough data to know that it is signed content. This data contains the suspected signature information.


If I understand correctly, it currently works as such:
- one dialog before download asking if I want the download to start
- one dialog showing the progress of download
and unsigned XPI will install as soon as the download is over.
But what about tentatively signed XPI?
Do we have a special third dialog for them?

I think the two current dialogs should be unified into one, and the download started directly, leaving the user the choice of cancelling it.

Then at the end of the download, it will be possible to display the result of the signature verification in the same unified dialog.

The idea here is that you get a confirmation dialog that an install is about to proceed. In this first dialog, it will or should say something like either "This install appears to be signed by ACME, INC.", or "This install is unsigned."


If the user confirms, then we proceed to download the remaining installer file. While this dialog is present, I believe that the download continues into temp space. For signed installs, when the file is completely downloaded we verify the integrity of the signed installer. We also verify that the name that we told the user in the initial confirmation dialog is indeed the same organization that signed the install. If everything verifies correctly, there is no additional dialog.

For an unsigned install, you're right, at this point we just install the thing.

However, I am not sure if this is the right newsgroup for use case discussion on how xpinstall should work. Feel free to move this discussion to the .xpinstall ng.

Hope this helps,

Doug Turner
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
