Open
Bug 66608
Opened 24 years ago
Updated 2 years ago
Signtool distribution itself should be signed
Categories
(NSS :: Tools, enhancement, P2)
Tracking
(Not tracked)
NEW
4.0
People
(Reporter: arshad.noor, Assigned: rrelyea)
Details
Given that signtool is used to sign and verify software objects, customers should be able to trust that they have a version of signtool that they can trust - otherwise object signing doesn't make sense. I would like to propose that iPlanet/Mozilla.org, digitally sign the binary and source distributions of signtool and make them available on your web sites. Additionally, allow customers to be able to buy an official CD-ROM from iPlanet/Mozilla.org with signed versions of the signtool binary and source. This way customes won't have to trust the websites, if they prefer to trust official CD-ROMs from the company.
Comment 2•24 years ago
|
||
marking signtool bugs as future until 3.3 plan is ready.
Assignee: wtc → mcgreer
Target Milestone: --- → Future
Comment 3•24 years ago
|
||
Set Target Milestone to NSS 3.3. Assigned the RFE to Bob for evaluation.
Assignee: mcgreer → relyea
Priority: -- → P2
Target Milestone: Future → 3.3
Updated•23 years ago
|
Target Milestone: 3.3 → 3.4
Assignee | ||
Comment 4•23 years ago
|
||
Signing out distribution in general would be a good idea, just not for 3.4. bob
Target Milestone: 3.4 → 4.0
Comment 5•22 years ago
|
||
Changed the QA contact to Bishakha.
QA Contact: sonja.mirtitsch → bishakhabanerjee
Updated•19 years ago
|
QA Contact: bishakhabanerjee → jason.m.reid
Updated•18 years ago
|
QA Contact: jason.m.reid → tools
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•