On Mon, May 06, 2019 at 02:10:01PM -0400, Lee wrote: > On 5/6/19, Reco <recovery...@enotuniq.net> wrote: > > Hi. > > > > On Mon, May 06, 2019 at 01:35:48PM -0400, Lee wrote: > >> On 5/6/19, Dave Sherohman <d...@sherohman.org> wrote: > >> > On Sun, May 05, 2019 at 07:29:55PM -0400, Dan Ritter wrote: > >> >> > >> >> No, Mozilla really screwed up. > >> > > >> > Understatement of the month, if not the year. And yet, on the Mozilla > >> > blog, all the comments are "oh, you're so awesome for working on a > >> > weekend to fix this!", completely ignoring that there wouldn't have > >> > been > >> > a problem to "heroically" work all weekend to solve if they'd just done > >> > things right (staying on top of cert expirations, not trying to funnel > >> > everything through a single point of failure, etc.) in the first place. > >> > >> Is it just me, or does anyone else see the real screw up as mozilla > >> not allowing users to override their decisions -- in this case, about > >> an addon being "safe"? > > > > xpinstall.signatures.required = false > > > > They do allow it … for now. > > Only for the ESR
Which Debian happens to be shipping. Pure coincidence, I know. Reco