Hacker News new | past | comments | ask | show | jobs | submit login

It's a signing certificate that is built into the browser to verify add-ons, not a normal TLS certificate that they can just update on a web server.

The change basically just imports the new certificate into the database: https://hg.mozilla.org/releases/mozilla-release/rev/848b1502...




That is not a complete statement of the changes shown. In addition to the unexpired certificate, it takes step to reenable any addons that were disabled by the expiration of the prior certificate.


> It's a signing certificate that is built into the browser to verify add-ons, not a normal TLS certificate that they can just update on a web server.

Ah, so that's why. Thanks.

What was the signing certificate validity period ?


Don't know about the old one, but the new one from the patch is:

    Not Before: Apr  4 00:00:00 2015 GMT
    Not After : Apr  4 00:00:00 2025 GMT


Two years, iirc.


So are the extensions checked at startup time for disk integrity issues?

My extensions on FF have not stopped working but I hadn't restarted the browser in that interim




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: