-
Notifications
You must be signed in to change notification settings - Fork 163
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sign Feed #93
Comments
We will not use a signature file, you can provide a SHA of the feed to be validated against - that would be a nice feature. Pull requests welcome :) |
No signature file. I meant the signature would be part of the feed. The
feed builder could generate RSA keys and let the user export the public
key. The app could use the public key to verify feed signature to know it
was published by allowed publisher.
…On Sun, Jan 22, 2017, 2:08 PM Itamar Syn-Hershko ***@***.***> wrote:
We will not use a signature file, you can provide a SHA of the feed to be
validated against - that would be a nice feature. Pull requests welcome :)
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#93 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ADdhse9X9Xl38i0vv04pnrH-wPnYc6o4ks5rU6ktgaJpZM4Lqdrg>
.
|
This is a good security feature to prevent spread of malicious updates if the update source is compromised since the attacker won't be able to publish updates if he does not have the private key. Method 1
This is a good method, but is a bit of work and requires that the publisher organizes specific certs for publishing updates. We have a PR with this method at: #45 Method 2
This is an quite straight forward fix, but it requires that the publisher has bought code sign certs and is not applicable to files that cannot be code signed (configuration files etc). |
Worth mentioning is that I have seen both methods applied in other update libraries. |
I prefer method 1. It solves the 2 issues you mentioned of method 2.
…On Tue, Mar 28, 2017, 2:00 AM Robin Andersson ***@***.***> wrote:
Worth mentioning is that I have seen both methods applied in other update
libraries.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#93 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ADdhsSxrymvo2DxMJYp5RU8C7mTjZzOsks5rqKIZgaJpZM4Lqdrg>
.
|
Have the updater check signature of signed feeds. Use a key pair to sign file. Give the public key to apps They can verify they are getting a valid and trusted feed.
The text was updated successfully, but these errors were encountered: