On Thu, Jan 07, 2016 at 11:06:35AM -0700, Chris Murphy wrote: > > Mozilla provides an API to sign extensions outside from their > > infrastructure. It's our infrastructural decision (correctly in my > > opinion) that prohibits this type of implementation. > Why is it OK for Fedora infrastructure to sign the bootloader, the > kernel, and kernel modules, but not application extensions? I don't think that's the question. The problem is that there isn't a way for us to sign them -- the above is just an API for Mozilla to sign them over the network, right? -- Matthew Miller <mattdm@xxxxxxxxxxxxxxxxx> Fedora Project Leader -- desktop mailing list desktop@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/desktop@xxxxxxxxxxxxxxxxxxxxxxx
