On Wed, 14 Jul 2004 23:11:53 +0200, Enrico Scholz enrico.scholz@informatik.tu-chemnitz.de wrote:
- extensions should be signed; current situation where you have *only* unsigned extensions trains users to accept the big red warning as the normal case
I agree with this in terms of human engineering, but don't know if this is a reason to keep it out of core. Let me fire up the letter writing bot to all the extention authors about signing their code right now.....
there are too much extensions, it is too easy to install them and there is no working way to upgrade them. Users will end in lots of extensions of unknown authors which were not updated for ages. This will be a huge security problem
extensions are difficultly to manage; they need a special (active) installation routine and are indexed by non-human readable keys. AFAIK, there does not exist a way to install them on the CLI ('-installExtension' does not work afais)
I think the lack of a clean admin solution to installing and maintaining a centralized set of extentions is a problem that should keep it out of core. I'd personally like to see extention management in firefox get to the point where an rpm package version of firefox could come with user installable extention support disabled completely with extentions being expected to be installed via rpm packages by default. I think the new Xvfb trick being used in fedora.us package raises some serious questions about firefox being ready to be in Core and certaintly not the default browser. The scriptable cli installation of extentions from rpms needs to be worked out correctly i think before its ready for consideration.
-jef