Hello, I use several addons directly from their developer's github pages. However, Mozilla recently decided to have a mind of it's own and disable them in the latest Iceweasel v43. They are centralizing and forcing all developers to go through their identification service over at AMO.
See here: https://wiki.mozilla.org/Addons/Extension_Signing For the non-prism version it may be a good idea to disable this, since it appears to be contacting Mozilla to verify all of your addons to find if they are "authorized" Mozilla addons. This would be great for fingerprinting and meta data. As of the coming Firefox 44 it will be forced, and there will be no override (outside of patching our own). The temporary override for Firefox 43 is /xpinstall.signatures.required /in about:config./ / While the idea of signing is good, I feel it is up to the user to verify trust. GPG signed .xpi are just as good (if not better) than trusting Mozilla's API signing key./ /
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dev mailing list [email protected] https://lists.parabola.nu/mailman/listinfo/dev
