Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Tails ISO verification extension for Firefox

intrigeri intrigeri at boum.org
Sat Apr 25 06:56:44 PDT 2015


Hi Giovanni,

Giovanni Pellerano wrote (19 Apr 2015 19:58:36 GMT) :
> while developing GlobaLeaks (https://github.com/globaleaks/GlobaLeaks)
> and developing our end-to-end encryption ideas where we would need
> verify Javascript signing and collaborating with SecureDrop people in
> relation to shared topics we ended in discussing exactly the same need
> you are explaining but a little more generic in relation to projects
> signing/integrity; [...]

The Code Signing Everywhere project seems strongly targeted at
verifying webapp code. So, I don't really understand how it's more
generic than the idea sajolida mentioned: one project is specific to
verifying webapps code, while the other one is specific to downloading
files to the filesystem and verifying them. I'll be happy to stand
corrected if I missed something :)

Now, perhaps both ideas could somehow converge. I suspect the UX and
interface side of things would be the hardest part, given the very
different use cases, despite the fact that some lower-level bits and
processes, that happen under the hood, could be shared (this remains
to be checked: e.g. it might be that the hooks provided by Firefox
add-on/plugins API for one use case and the other are vastly
different -- I've no idea).

> You find here the root document of the tentative specification [...]

Thanks for the pointers! 

Cheers,
--
intrigeri



More information about the liberationtech mailing list