←back to thread

All extensions disabled due to expiration of intermediate signing cert

(bugzilla.mozilla.org)
1318 points xvector | 1 comments | 04 May 19 01:31 UTC | HN request time: 0.29s | source
Show context
Wowfunhappy ◴[04 May 19 02:12 UTC] No.19823890[source]
This is why users need to be in control of their own computers. Why can't I tell my copy of Firefox to ignore the certificate? Why can't I sign my own extensions?

Mistakes happen, it's okay. But users should be empowered to work around them.

replies(9): >>19823918 #>>19823919 #>>19823921 #>>19823930 #>>19824013 #>>19824265 #>>19824275 #>>19824334 #>>19824438 #
ehsankia ◴[04 May 19 02:19 UTC] No.19823919[source]
> Why can't I tell my copy of Firefox to ignore the certificate? Why can't I sign my own extensions?

The issue is that if you leave any sort of lever that reduces security, it will be abused by bad actors. This is why browsers are having ever decreasing ways to bypass security and have full access. It is annoying, but at the end of the day, protecting 99.999% of the users trumps what us power users want.

replies(4): >>19823956 #>>19823992 #>>19824076 #>>19825643 #
1. megous ◴[04 May 19 10:43 UTC] No.19825643[source]
> The issue is that if you leave any sort of lever that reduces security, it will be abused by bad actors.

As you can see in this discussion, there already are some obtuse ways to disable/ignore the signing. It's just way worse if people have to disable the signing instead of adding a trust for their own certificate, so that only mozilla and user's addons are truste instead of all the malicious garbage out there on the web.