Iceweasel for Fedora?

Posted Dec 24, 2015 3:14 UTC (Thu) by Fowl (subscriber, #65667)
Parent article: Iceweasel for Fedora?

I was under the impression that extension signing was only going to be mandatory on Windows. That's where the malware is that they're trying to stop, after all.

Iceweasel for Fedora?

Posted Dec 24, 2015 5:33 UTC (Thu) by karath (subscriber, #19025) [Link]

That may once have been true. For a subset of systems, it may even be true today. Can you promise that it will be true tomorrow? What financial guarantee to back that promise do you offer?

Iceweasel for Fedora?

Posted Dec 24, 2015 14:29 UTC (Thu) by javispedro (guest, #83660) [Link]

Obviously not, they're enforcing this even on GNU, and even for extensions that are installed in /usr (via package manager).

This is a terribly misguided choice. First and foremost, extensions installed from a root-owned directory should be able to skip the verification (it's not like you couldn't already modify the firefox binary itself).

Second, there needs to be a way to enroll your own signatures. Otherwise, this is no better than a more draconian version of MS's Secure Boot, and I'm not willing to give Mozilla a free pass just because they're not MS.