Add-ons/InternalSigning: Difference between revisions
No edit summary |
m (s/andym/ddurst/) |
||
| Line 33: | Line 33: | ||
If any of those conditions change (for example the project is disbanded) then signing access will be withdrawn. | If any of those conditions change (for example the project is disbanded) then signing access will be withdrawn. | ||
If you'd like to request this for your add-on, then please contact [[Add-ons#Who| | If you'd like to request this for your add-on, then please contact [[Add-ons#Who|David Durst or Kev Needham]]. | ||
Revision as of 20:24, 9 March 2018
The document on Add-ons in Firefox 57 outlines a series of extensions called "Signed by Mozilla internally".
These are add-ons that are signed using a internal signing infrastructure to Mozilla. The signing infrastructure is not available to anyone other than Mozilla employees. Remaining documentation on how to sign add-ons and who to ask for permission are covered on Mana (page to be built).
Internal docs
See: https://mana.mozilla.org/wiki/display/FIREFOX/Internal+Extension+Signing and https://mana.mozilla.org/wiki/display/SVCOPS/Sign+a+Mozilla+Internal+Extension
What's this for
The primary use case for system add-ons. These are add-ons that aren't really add-ons, they are part of the Firefox infrastructure for delivering features to user without having to land in Firefox and ride the trains. These have been signed internally using a special key since they were created.
This is also used for Firefox features or experiments that want to distinguish themselves from other add-ons in some way. It's planning on being used by the following programs within Mozilla: Test Pilot, Dev Tools, Release Engineering and Shield Studies.
This can also be used to grant a WebExtension access to APIs that we can't (or just aren't yet ready to) expose to all WebExtensions. To use this capability, a WebExtension API is placed behind the "mozillaAddons" permission. A WebExtension that declares this permission in its manifest will only be granted that permission if it is signed using the process outlined in this document.
Can I get access to this?
Don't be upset, but the default answer is no. To pretty much everyone.
We are setting the bar high for this signing. If an add-on is going to be signed this way then it must conform to a few requirements:
- Have a clear and important value to Mozilla and it's mission.
- Supported and maintained by a known team within Mozilla.
- Maintaining and executing a QA plan.
- Regressions, bugs and issues are the responsiblity of the add-on author.
- Conform to Mozilla security, privacy and data collection policies.
- If the add-on is not a WebExtension, or has non-WebExtension parts it must:
- Use APIs that will not be implemented in WebExtensions or have a roadmap to implementing the WebExtensions APIs.
- And understanding that regressions, bugs and issues will occur regularly. These are outside of WebExtensions are not the add-ons team responsibility.
If any of those conditions change (for example the project is disbanded) then signing access will be withdrawn.
If you'd like to request this for your add-on, then please contact David Durst or Kev Needham.