...
| Wiki Markup |
|---|
Automated detection is not feasible in the fully general case. However, an approach similar to Design Fragments \[[Fairbanks 072007|AA. References#Fairbanks 07]\] could assist both programmers and static analysis tools. |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b4ba99d275162198-b805b42b-46d840c1-b776a07e-d023131faaafc8a58fdb979b"><ac:plain-text-body><![CDATA[ | [ISO/IEC TR 24772:2010 | http://www.aitcnet.org/isai/] | Improperly Verified Signature [XZR] | ]]></ac:plain-text-body></ac:structured-macro> |
CWE-300. Channel accessible by non-endpoint (aka "man-in-the-middle") | ||||
| CWE-319. Cleartext transmission of sensitive information | |||
| CWE-494. Download of code without integrity check | |||
| CWE-347. Improper verification of cryptographic signature |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b3b9be4f3e7af23a-ecbc62fc-4d35402b-91419c03-771af040f3e923cc5f0a1b5b"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. References#API 06]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="fa0d2a7995febe49-53adec76-4fd747f4-95a09ffd-0bc501201da12b1445178912"><ac:plain-text-body><![CDATA[ | [[Bea 2008 | AA. References#Bea 08]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="94abb95a58442fea-addf11a8-42784999-bb38b719-27948e184b7f96f587de7530"><ac:plain-text-body><![CDATA[ | [[Eclipse 2008 | AA. References#Eclipse 08]] | [JAR Signing | http://wiki.eclipse.org/JAR_Signing] and [Signed bundles and protecting against malicious code | http://help.eclipse.org/stable/index.jsp?topic=/org.eclipse.platform.doc.isv/guide] | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="65667825f9f98764-c036437a-41254fbd-9ab99d01-cff0a185455a84756fe7545d"><ac:plain-text-body><![CDATA[ | [[Fairbanks 2007 | AA. References#Fairbanks 07]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="f6d37e14aea7eed7-3512f8e1-498f499c-ae7a9a7a-649d1af630dd9e1b40856392"><ac:plain-text-body><![CDATA[ | [[Flanagan 2005 | AA. References#Flanagan 05]] | Chapter 24, The | ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="1c0a40d2f28bafbe-997aba2c-440844e9-ba888104-2e405cb181c42fda8f518d80"><ac:plain-text-body><![CDATA[ | [[Gong 2003 | AA. References#Gong 03]] | 12.8.3, | ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="ed5c43a5836bfc6b-aed2d7a4-40c845e9-a87b99f2-b81a1a0094fd89bf540ff13d"><ac:plain-text-body><![CDATA[ | [[Halloway 2001 | AA. References#Halloway 01]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="e88c725f34f5185d-27377937-4f9c485f-ae82b914-842f37f95eb060fd09df4086"><ac:plain-text-body><![CDATA[ | [[JarSpec 2008 | AA. References#JarSpec 08]] | Signature Validation |
| ]]></ac:plain-text-body></ac:structured-macro> | ||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="19951d3b95a667e6-d69d4fe4-49f84f95-a630b3df-64e2cf1896901c0e02358bbc"><ac:plain-text-body><![CDATA[ | [[Oaks 2001 | AA. References#Oaks 01]] | Chapter 12, Digital Signatures, Signed Classes | ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="21a9acc61414b1b9-b4ded6e5-47cf423b-b981a8b8-d751df48bf77af3b76ac1f99"><ac:plain-text-body><![CDATA[ | [[Muchow 2001 | AA. References#Muchow 01]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="60f0a0d3f3c71883-3a3bec65-493f48de-98378ded-2ab74846a8a1317a00649749"><ac:plain-text-body><![CDATA[ | [[Tutorials 2008 | AA. References#Tutorials 08]] | [The | http://java.sun.com/docs/books/tutorial/deployment/jar/jarrunner.html], [Lesson: API and Tools Use for Secure Code and File Exchanges | http://java.sun.com/docs/books/tutorial/security/sigcert/index.html] and [Verifying Signed JAR Files | http://java.sun.com/docs/books/tutorial/deployment/jar/verify.html] | ]]></ac:plain-text-body></ac:structured-macro> |
...