[liberationtech] Tails ISO verification extension for Firefox
intrigeri
intrigeri at boum.org
Sat Apr 25 06:56:44 PDT 2015
Hi Giovanni,
Giovanni Pellerano wrote (19 Apr 2015 19:58:36 GMT) :
> while developing GlobaLeaks (https://github.com/globaleaks/GlobaLeaks)
> and developing our end-to-end encryption ideas where we would need
> verify Javascript signing and collaborating with SecureDrop people in
> relation to shared topics we ended in discussing exactly the same need
> you are explaining but a little more generic in relation to projects
> signing/integrity; [...]
The Code Signing Everywhere project seems strongly targeted at
verifying webapp code. So, I don't really understand how it's more
generic than the idea sajolida mentioned: one project is specific to
verifying webapps code, while the other one is specific to downloading
files to the filesystem and verifying them. I'll be happy to stand
corrected if I missed something :)
Now, perhaps both ideas could somehow converge. I suspect the UX and
interface side of things would be the hardest part, given the very
different use cases, despite the fact that some lower-level bits and
processes, that happen under the hood, could be shared (this remains
to be checked: e.g. it might be that the hooks provided by Firefox
add-on/plugins API for one use case and the other are vastly
different -- I've no idea).
> You find here the root document of the tentative specification [...]
Thanks for the pointers!
Cheers,
--
intrigeri
More information about the liberationtech
mailing list