5 hours ago, Neil Van Dyke wrote:
> Eli Barzilay wrote at 04/09/2011 12:12 AM:
> > There is a good solution for this that I recently saw -- the way that
> > chrome extensions are distributed. The summary of what I understand
> > from it is: an extension is a zip file with a prefix holding two
> > things -- a public key for the extension, and a signature for the zip
> > file that was done using the private key.
>
> Isn't this just old-fashioned code signing. I think people talked about
> it for PLaneT multiple times in the past, before Chrome existed. Or am
> I misunderstanding?
I don't know wearher it's old-fashioned or not, butthe thing thatI've
never seen before is using a single key per package and trusting itfor
further updates -- which is very different from the usual key per
person that requires trusting the channel you're getting it through.
--
((lambda (x) (x x)) (lambda (x) (x x))) Eli Barzilay:
http://barzilay.org/ Maze is Life!
_________________________________________________
For list-related administrative tasks:
http://lists.racket-lang.org/listinfo/users
