Forum for the FireGPG's extention. (!Don't post too links or wait we unban your, akismet is very aggressive)
You are not logged in. Please login or register.
Must I really explain the implications of this?
Downloading the FireGPG update via insecure HTTP allows the potential for malware to be injected into the update. Now we have malware in our system with access to our public/private keyring, possibly monitoring when we enter our secret-key passcode and uploading this information to some server in China. Fantastic!
That's one scenario. So, please, make the update use HTTPS.
And Firefox 3 wants https. We haven't the choise 
Ok, I do some cheks, and we dosen't need https for firefox3, but updates files will be signed (not the extention).
I will look if we can sign the xpi now
Powered by PunBB, supported by Informer Technologies, Inc.
Currently installed 2 official extensions. Copyright © 2003–2009 PunBB.