Open Bug 1020032 (remotedistro) Opened 6 years ago Updated 6 years ago

[meta] Remote distributions

Categories

(Firefox for Android :: General, defect)

32 Branch
All
Android
defect
Not set

Tracking

()

People

(Reporter: rnewman, Unassigned)

References

Details

(Keywords: meta)

Meta bug for this. Most client-side work hangs off Bug 1013024.
Depends on: 1020033
Curtis, Mark: when would be a good time to talk through this and discuss mitigations for the horrors lurking within?
Flags: sec-review?
Whiteboard: [sec-review-needed]
Flags: sec-review? → sec-review?(mgoodwin)
Sec review results, in very brief:

* Measure SSL overhead. If low, we'll take it.
* Explore a way to verify intent senders.
* Note to self: double-check that we don't process an intent after first run.
* Future/further thought: signature verification for downloaded zips. (More impetus for this if no SSL.)
Whiteboard: [sec-review-needed]
Sec review granted.
Flags: sec-review?(mgoodwin)
Depends on: firstrun
You need to log in before you can comment on or make changes to this bug.