On Thu, Feb 12, 2015 at 11:15 AM, Nikos Roussos <comzer...@fedoraproject.org> wrote: > On Thu, Feb 12, 2015 at 6:30 AM, Michael Cronenworth <m...@cchtml.com> > wrote: > > I'm sure those that need to know, know, but for those that haven't heard[1] > Mozilla's official Firefox build will enforce addons to contain a Mozilla > signature without any runtime option to disable the check. Initially this > prevents Fedora packaged addons since they are unsigned. The Mozilla signing > process takes time and can't be part of a package building process. Is > Fedora going to get authorization to build Firefox with a runtime disable > option? > > > If the only way is to completely disable this feature, I'd prefer we don't. > I wouldn't like for us to ship a less secure build of Firefox.
A better way would be to add a "Fedora Signature" in addition to mozilla's and use that for packaged extensions. But that would require work on the build system (koji) side. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
