Closed
Bug 1178527
Opened 9 years ago
Closed 9 years ago
cache the signature check so that we dont need to recheck everytime
Categories
(Core :: Networking, defect, P1)
Core
Networking
Tracking
()
RESOLVED
WONTFIX
blocking-b2g | 2.5+ |
People
(Reporter: pauljt, Assigned: hchang)
References
Details
We will want to cache the signature check on the new signed packages somehow, so that if the resource remains unchanged, that we do not need to verify the signature check each time.
Reporter | ||
Updated•9 years ago
|
Assignee: nobody → hchang
Updated•9 years ago
|
Status: NEW → ASSIGNED
Reporter | ||
Comment 1•9 years ago
|
||
Our process here will likely be to simply not cache signed resource if their integrity check fails, so if the content is in the cache we can be sure the content is unmodified. I'll leave open for Henry to close once this approach has been confirmed as valid.
Reporter | ||
Updated•9 years ago
|
Priority: -- → P1
Reporter | ||
Updated•9 years ago
|
blocking-b2g: --- → 2.5+
Assignee | ||
Comment 2•9 years ago
|
||
(In reply to Paul Theriault [:pauljt] from comment #1) > Our process here will likely be to simply not cache signed resource if their > integrity check fails, so if the content is in the cache we can be sure the > content is unmodified. I'll leave open for Henry to close once this approach > has been confirmed as valid. Since the current packaged web content requesting flow has been changed, all the packaged content request is managed by PackagedAppService, which means there's no direct access to the packaged content cache. We can guarantee the cached file will not be used unexpectedly until we claim it's available. So, when the cached packaged resource is said available, it's guaranteed verified. I'll close this bug at the moment and reopen it if the architecture changes.
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•