[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #9769 [EFF-HTTPS Everywhere]: Move HTTPS Everywhere back to addons.mozilla.org

Subject: Re: [tor-bugs] #9769 [EFF-HTTPS Everywhere]: Move HTTPS Everywhere back to addons.mozilla.org
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 21 Apr 2014 18:17:28 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 21 Apr 2014 14:17:39 -0400
In-reply-to: <048.6ea22bfe2b5a5c6d74c9a0df67e2cdd1@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <048.6ea22bfe2b5a5c6d74c9a0df67e2cdd1@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#9769: Move HTTPS Everywhere back to addons.mozilla.org
--------------------------------------+----------------------
     Reporter:  micahlee              |      Owner:  micahlee
         Type:  project               |     Status:  new
     Priority:  normal                |  Milestone:
    Component:  EFF-HTTPS Everywhere  |    Version:
   Resolution:                        |   Keywords:
Actual Points:                        |  Parent ID:
       Points:                        |
--------------------------------------+----------------------

Comment (by zyan):

 It appears that AMO does *no* code signing for addons, so they're just
 protected by HTTPS after the approval process. Kind of scary in light of
 Heartbleed!

 I have decided that the best-case scenario is for AMO to let us sign
 updates with our own key, which Chrome Web Store does. Please star and
 discuss here: https://bugzilla.mozilla.org/show_bug.cgi?id=999014

 If that fails, we can wrangle the release scripts to use a new CA-signed
 cert as soon as PKP lands in Firefox.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9769#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #8816 [HTTPS Everywhere: Chrome]: Video in as.com fails to load (related with brightcove ruleset)
Next by Author: Re: [tor-bugs] #11367 [HTTPS Everywhere: Chrome]: Embed Youtube video not loading
Previous by thread: Re: [tor-bugs] #8816 [HTTPS Everywhere: Chrome]: Video in as.com fails to load (related with brightcove ruleset)
Next by thread: Re: [tor-bugs] #11367 [HTTPS Everywhere: Chrome]: Embed Youtube video not loading
Index(es):
- Author
- Thread