Add-on update metadata needs to use content-signing



3 years ago
a year ago


(Reporter: dveditz, Unassigned)


(Blocks: 1 bug, {sec-want})

Firefox Tracking Flags

(Not tracked)




3 years ago
+++ This bug was initially created as a clone of Bug #1303183 +++

This is the server-side part of content-signing add-on update metadata.

Since there's only a "Security" component here I suspect this is no longer the right place to file such bugs but I'm not sure where the right place is.
I'll leave the triage privilege to Andy :)

From a backend integration point of view, we need to grant access to the Autograph service to the AMO component that generates the update file. Autograph will compute a Content Signature and return it to AMO to serve alongside the data.

The main question is how many qps we will need to serve. Autograph is currently sized to sign a handful of files per hour, but if the version check data is dynamic, we'll need to sign thousands per second. The service can scale, but it's a potential concern.


a year ago
Keywords: sec-want
You need to log in before you can comment on or make changes to this bug.