Anthony Lieuallen schrieb: > On 7/10/2006 1:02 PM, Jan Steffen wrote: >> BTW how often is signing of xpi's activly used be developers? ... >> Making signing easier would be one step. Giving developers >> signatures with some prove of authenticity would be the other. > > Having recently been involved in a project that used signed code at > work, I found that the least expensive available "code signing" > certificate available was $179. Not so surprising that a free product, > often built by an individual hobbyist, doesn't spend that kind of money > to sign itself, is it?
I'm not too deep into this CA stuff, but there is http://www.cacert.org/ for example, which offers certificates for free. Together with https://bugzilla.mozilla.org/show_bug.cgi?id=215243 fixed that could give a useful authenticity checking, wouldn't it? Jan _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
