Re: Widgets 1.0: Digital Signature feedback

On Wed, May 28, 2008 at 7:02 PM, Thomas Roessler <> wrote:
> On 2008-05-28 11:37:39 +1000, Marcos Caceres wrote:
>>> I'd suggest that you just reuse the algorithm URIs from the
>>> various XML security specs in the autoupdate spec. Also, note
>>> MD5 is pretty much dead these days, so there is no point
>>> whatsoever in giving it any special status.
>> The hash check is kinda pointless because the widget must do a
>> CRC check on the file entries prior to instantiation, so I might
>> just take it out of the auto-updates proposal.
> Well, in today's environment, CRCs are mostly pointless.
> The hash may or may not be pointless: It would add a useful level of
> protection against tampering if the update description was, e.g.,
> retrieved through HTTPS, but the updated widget itself through plain
> HTTP.  In that case, you'd want a known-strong hash, though.  That
> would work even in the absence of a signature on a widget.  That's
> useful in my book.

Ok, good point. But can you suggest a way to do this without the
custom XML update format?

Marcos Caceres

Received on Wednesday, 28 May 2008 10:30:06 UTC