[lug] FF Certificate Expiry vs. Good Practice

Jed S. Baer blug at jbaer.cotse.net
Sat May 4 07:36:07 MDT 2019

I got smacked by this Firefox debacle yesterday, and of course, had no
idea why my extensions suddenly quit working, especially since I hadn't
done an upgrade, nor even stopped/restarted my browser. I discovered
that, contra Mozilla's claim that it wasn't there, the xpinstall config
item was present and usable, so I set that to false. Then, this AM I see
the /. thread.


So, I'm not a modern 1337 h4X0r like the FF devs, so I guess I don't get
the part about the certificate being "built into" the browser. Does that
mean hard-coded?

It it's hard-coded, than that means that when it expires, the only fix is
to patch it? I guess I can sorta grok some thinking there, that if it's
hard-coded, it's harder to tamper with it. There must be a better way, no?

More information about the LUG mailing list