That sounds like a good idea to me as well.

On 2015-11-30 11:25 AM, Gavin Sharp wrote:
That's one of the suggestions Dan Stillman makes in his post, and it
seems like a fine idea to me.

Gavin

On Mon, Nov 30, 2015 at 11:15 AM, Jonathan Kew <jfkth...@gmail.com> wrote:
On 30/11/15 15:45, Gavin Sharp wrote:

and it's definitely the wrong thing to do.


Fundamentally the add-on signing system was designed with an important
trade-off in mind: security (ensuring no malicious add-ons are
installed/executed) vs. maintaining a healthy add-on ecosystem (ensuring
that building and distributing add-ons is as easy as it can be).

If your proposed alternative plan is "get rid of automatic signing", then
we know that it's going to significantly hamper Mozilla's ability to
maintain a healthy add-on ecosystem, and harm what were considered some
important add-on use cases. I don't think it strikes the right balance.

If your proposed alternative plan is something else, maybe it would help
to clarify it.


Perhaps if there were a mechanism whereby "trusted" add-on developers could
have their add-ons -- or even just updates for
previously-reviewed-and-signed add-ons -- automatically signed without
having to jump through the validator/review hoops each time?

How would a developer acquire "trusted" status? By demonstrating a track
record of producing add-ons that pass AMO review -- which may be a
combination of automatic validation and/or human review.

And of course any add-on developer who is found to have abused their
"trusted" status to sign and deploy malicious code would have that status
revoked, in addition to the malicious add-on being blocked.

ISTM this would maintain most of the intended benefits of the signing
system, while substantially smoothing the path for developers such as Dan
who need to deliver frequent updates to their users.

Feasible?

JK


_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
