On 2014-05-15 21:49, Scott Ferguson wrote:
From the page you started this scare campaign with:-"Mozilla will distribute the sandbox alongside Firefox, and we are working on deterministic builds[*1] that will allow developers to use a sandbox compiled on their own machine with the CDM as an alternative." [*1] byte-for-byte - so it has the correct signature for the plugin.
How will the CDM find out the bytes/signature of the sandbox, to determine if they are correct?