Set-up signing point for internal add-ons

RESOLVED FIXED

Status

Cloud Services
Security
RESOLVED FIXED
9 months ago
5 months ago

People

(Reporter: andym, Assigned: ulfr)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [qf-])

(Reporter)

Description

9 months ago
This the service for signing the third kind of add-ons. Not the system add-on and not AMO, but those inbetween. It was decided that the certificate would be the same as with system add-ons, but it would have a different OU=.

This would enable Firefox to distinguish them in the addons manager which is required by bug 1336576 and we'll need to re-sign a bunch of the internal add-ons as noted in bug 1340295.
(Assignee)

Comment 1

9 months ago
Do you have a deadline for this effort? It ties into Autograph 2.0 which is actively being implemented: https://github.com/mozilla-services/autograph/pull/46
Assignee: nobody → jvehent
(Reporter)

Comment 2

9 months ago
Firefox 57 goes to Nightly in June. We'd like to resign all the internal add-ons in bug 1340295 and test out the code for 57 before then. Perhaps a stop gap solution to get us moving on that would be needed so we can do end-to-end testing.
Whiteboard: [qf]
Whiteboard: [qf] → [qf-]
(Reporter)

Comment 3

5 months ago
Given that bug 1371825 and bug 1371824 are now working, I would call this done.
Status: NEW → RESOLVED
Last Resolved: 5 months ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.