[Go Faster] Updating and installing new system add-ons

Ben Hearsum bhearsum at mozilla.com
Tue Sep 8 16:54:38 UTC 2015


This is a good point. If we only had signatures, and served the bits over http, someone could perform a downgrade attack by MITM the CDN that serves the bits.

On Tue, Sep 08, 2015 at 12:43:10PM -0400, Mike Connor wrote:
> Yeah, it's at a minimum backwards compat for updating from older clients.
> 
> That said, file hashes are a great way of ensuring that we don't get the
> wrong artifact in transit. It's not necessarily enough to assume that
> "signed == correct", unless it's prohibitive I think checking that it's the
> correct file is a worthwhile bit of protection.
> 
> Belt and suspenders FTW.
> 
> On 8 September 2015 at 12:35, Ben Hearsum <bhearsum at mozilla.com> wrote:
> 
> > Fine with me as long as the security folks are good with it. Worth noting
> > that we include both hashes plus mar signatures for Gecko updates, though
> > that may simply be because we didn't used to have signed mars...
> >
> > On Tue, Sep 08, 2015 at 09:27:51AM -0700, Dave Townsend wrote:
> > > I was making the assumption that since system add-ons will be signed the
> > > hashes may not be necessary, but that's easy to include if needed.
> > >
> > > On Tue, Sep 8, 2015 at 9:22 AM, Ben Hearsum <bhearsum at mozilla.com>
> > wrote:
> > >
> > > > We'll need hashes+filesizes here for verification purposes too, but
> > that's
> > > > just a minor detail.
> > > >
> > > > On Tue, Sep 08, 2015 at 09:12:43AM -0700, Dave Townsend wrote:
> > > > > After discussions with Ben I've updated the section of the client
> > plan on
> > > > > how we update system add-ons:
> > > > >
> > > >
> > https://wiki.mozilla.org/Firefox/Go_Faster/Client_Implementation_Plan#Discovering_system_add-ons
> > > > >
> > > > > It shows the actual server response we will be reading and is
> > essentially
> > > > > the same update mechanism that GMP uses.
> > > >
> > > > > _______________________________________________
> > > > > Gofaster mailing list
> > > > > Gofaster at mozilla.org
> > > > > https://mail.mozilla.org/listinfo/gofaster
> > > >
> > > >
> >
> > > _______________________________________________
> > > Gofaster mailing list
> > > Gofaster at mozilla.org
> > > https://mail.mozilla.org/listinfo/gofaster
> >
> >
> > _______________________________________________
> > Gofaster mailing list
> > Gofaster at mozilla.org
> > https://mail.mozilla.org/listinfo/gofaster
> >
> >
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://mail.mozilla.org/pipermail/gofaster/attachments/20150908/a770ba9c/attachment.sig>


More information about the Gofaster mailing list