←back to thread

All extensions disabled due to expiration of intermediate signing cert

(bugzilla.mozilla.org)
1318 points xvector | 2 comments | 04 May 19 01:31 UTC | HN request time: 0.42s | source
Show context
driverdan ◴[04 May 19 02:04 UTC] No.19823850[source]
First they force code signing on everyone without a way to disable it then they break it. This is an extreme level of incompetence I didn't expect from Mozilla.

They'd better have the best post mortum ever, possibly with someone being fired.

replies(9): >>19823853 #>>19823924 #>>19823927 #>>19823983 #>>19823993 #>>19824074 #>>19824096 #>>19824180 #>>19824307 #
cheeze ◴[04 May 19 02:59 UTC] No.19824096[source]
Oh relax. A cert expired. An intermediate cert at that...

This has probably happened to every major cloud provider and countless companies at least once. Certs are hard.

Should Mozilla have had monitoring on their cert expiration? Yes. Will they after this? Probably. Is any one person ever at fault for something like this? No.

Firefox is an open source project. You're welcome to contribute and make things better.

replies(3): >>19824119 #>>19824175 #>>19824304 #
1. yjftsjthsd-h ◴[04 May 19 03:43 UTC] No.19824304[source]
> Oh relax. A cert expired. An intermediate cert at that...

Everyone's extensions broke. Including security ones. Including the ones bundled into the TOR browser. And end-users can't fix it. Because Mozilla decided that it was too dangerous to let users choose what extensions to run for themselves. This is an excellent moment to be upset.

replies(1): >>19824766 #
2. __david__ ◴[04 May 19 06:16 UTC] No.19824766[source]
Being upset is ok! I'm not particularly happy that I can't just override the certificate check on stable. But demanding someone get fired is just pointlessly punitive.