There can be alternative authorities, and you could opt to choose them nstead. It's really a question of having the option of not relying on Mozilla's decisions. It's not a choice of either each individual's own keys or the "original authority who's the one true authority." Self-signing means choosing who to trust. The alternative authorities become explicit targets from the perspective of Mozilla, of course. So political commitment is entailed. It should be noted that this distinction is important: the legal tradition does NOT hold that the only valid authority regarding what you can do with a work is the author. There's lots you can do that the author doesn't authorize; and authors only have specific statutory exclusive rights. Among other things, this reflects a respect for the fact that information as such is not subject to copyright; just the originality of a work is. However, we are at a phase where an attempt to institute enforcement of the maximalist intepretation of copyright is imminent. Seth On Wed, Aug 26, 2015 at 8:21 PM, Solomon Peachy <pizza@xxxxxxxxxxxx> wrote: > On Wed, Aug 26, 2015 at 05:53:36PM +0200, drago01 wrote: >> A better solution would be to add a mechanism that allows you to use >> your own signing keys. >> That way you have both 1) install self built extensions and 2) the >> added security. > > ..and (3) a way for malware to install its own key, rendering (2) moot. > > - Solomon > -- > Solomon Peachy pizza at shaftnet dot org > Delray Beach, FL ^^ (email/xmpp) ^^ > Quidquid latine dictum sit, altum viditur. > > -- > devel mailing list > devel@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/devel > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
