Firefox addon signing
Richard Z
rz at linux-m68k.org
Wed Aug 26 13:13:08 UTC 2015
On Wed, Aug 26, 2015 at 03:12:25PM +0300, Alexander Ploumistos wrote:
> Their FAQ is constantly updated:
>
> https://wiki.mozilla.org/Addons/Extension_Signing#FAQ
>
> I'm not sure if there is a valid practical reason to refuse submitting the
> addons that we ship to their signing service or if it is against our
> policies; at least mozilla-https-everywhere has been signed.
that would work for Fedora - if it can be guaranteed that they sign new
versions quickly. Immagine if one of our plugins had a security hole and
mozilla would need days or weeks to sign it. As far as I can see Fedora
specific extensions would have to be listed which means they would go
through manual code review at mozilla.
> Mozilla states that they will be offering an unbranded binary (en_US only)
> for development and testing purposes.
For me this appears the only possibility and I suspect there are more
Fedora users like me maintaining their own Firefox extensions.
So will we get a firefox-unbranded package?
Richard
--
Name and OpenPGP keys available from pgp key servers
More information about the devel
mailing list