On 01/07/2016 04:19 PM, Stephen Gallagher wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 01/07/2016 09:46 AM, Paul W. Frields wrote:
On Thu, Jan 07, 2016 at 08:33:37AM -0500, Josh Boyer wrote:
On Thu, Jan 7, 2016 at 8:29 AM, Naheem Zaffar naheemzaffar@gmail.com wrote:
ESR will only delay the problem.
Can the Fedora build add a secodary key to accept signed extensions?
This is one of the suggested solutions, but it is not currently implemented upstream.
AFAIK the long term plan is todeprecate the current method of extensions in favour of a more browser agnostic approach.
Correct.
Is it just me, or does it seem odd to take Mozilla to task for doing something with their (relatively much larger) ecosystem we also endeavor to do with Fedora's?
Could you explain what you mean? Mozilla's intent is lock-in: they're providing exactly one source from which you can retrieve extensions. With Fedora, we do signature signing for trust reasons, but you are always offered a way to bypass that (or add your own keys, etc.)
I'm sure you're wrong here. lock-in means you can't change your software. How is it related here? How are you locked and by what? You can use the unbranded Firefox with your own extension without any limitations.