[Mozilla Enterprise] (no subject)

Robert Marcano robert at marcanoonline.com
Tue Aug 20 17:23:47 UTC 2019


On 8/19/19 12:31 PM, Mike Kaply wrote:
> The Firefox ESR has always supported turning off extension signing so 
> you can install local extensions.

I wish it wasn't an on or off switch, but more a list of allowed 
certificates (hashes?), and be able to disable Mozilla's certificates. 
That way you can allow your users to use approved internal extensions 
without giving them the privilege to use any Mozilla approved ones or 
install random XPIs without signatures.

> 
> Mike
> 
> On Sun, Aug 18, 2019 at 10:58 AM Paul Kosinski via Enterprise 
> <enterprise at mozilla.org> wrote:
> 
>     As a long-time Firefox user, I went to ESR because I prefer stability to
>     new features, and I especially don't like gratuitous changes to the User
>     Interface. The move to Tabs on Top was ugly: I think Google started it
>     so that users would view the Web (and hence Google) as their computing
>     environment, rather than Windows et al. But at least Classic Theme
>     Restorer could fix that.
> 
>     The move to Quantum killed much of the ability to make Firefox look the
>     way the user wanted and was used to. This has meant that users had to
>     learn the new interface rather than doing useful work (sort of like
>     the Microsoft Office "Ribbon" debacle). And the modern fad of replacing
>     text-labeled icons with pure icons means that no one can know for sure
>     what they mean, no matter what language they speak. (Plus, "hovering"
>     over the icon to get the tool-tip wastes more time.) Not all users have
>     to make do with tiny smartphone screens which don't have the space for
>     labeled icons.
> 
>     The move to Quantum also required some really critical add-ons, such as
>     NoScript, to be totally reimplemented, and made many other add-ons
>     (such as Classic Theme Restorer) apparently impossible. In the case of
>     NoScript, there may have been a period where the overall security of
>     using Firefox suffered in spite of the more secure internal structure
>     of Quantum.
> 
>     And speaking of security, although the idea of requiring add-ons to be
>     signed by Mozilla (only!) may be good for the consumer versions of
>     Firefox, it is totally inappropriate for the *Enterprise* version
>     (ESR). It means that any organization that wants add-ons that *need* to
>     be kept private can't use Firefox at all. The notion that they could
>     use a local build or an unofficial build (daily etc.) could mean that
>     they are violating some other corporate or government regulation
>     concerning what software they are allowed to use. And how would one
>     even *find* the daily etc. build that is essentially identical to the
>     release build?
> 
>     Since ESR is for enterprise use, surely it should be possible to allow
>     enterprise-private add-ons to be loaded in ESR if their *hash* is signed
>     by Mozilla. (Mozilla should not be in the business of trying to protect
>     enterprises from software they themselves write.) In other words, an
>     enterprise would just submit a hash of the add-on XPI to Mozilla the
>     way they now can submit the whole XPI. Then if so configured (e.g., via
>     about:config) the ESR version of Firefox would allow the add-on to be
>     loaded iff its hash passed the signature test. To add to "public
>     safety", Firefox could display a caveat stating that the add-on belongs
>     to XYZ Corp. and is in no way certified by Mozilla. Plus, of course,
>     such hash-signed add-ons would never be hosted by Mozilla.
> 
> 
> 
> 
> 
>     On Sat, 17 Aug 2019 00:54:28 +0000
>     Ramkrishna Reddy D S <ramkrishna.reddy.d.s at ericsson.com> wrote:
> 
>      > Hi Mike,
>      >
>      > Fewer major updates would be good as it's hard for us to manage.
>      >
>      > Regards,
>      > Ram
>      >
>      > On 17-Aug-2019 12:16 AM, Mike Kaply <mkaply at mozilla.com> wrote:
>      > I know this is generally considered a support list, but I have a
>      > couple things I'd like to let you know about. Going forward, if you'd
>      > like to continue to receive these kinds of updates, you can follow the
>      > instructions at the end of this email.
>      >
>      > Legacy Browser Support for Windows now available!
>      > <https://github.com/mozilla/legacy-browser-support/releases/tag/v1.0>
>      >
>      > It is quite possible that you still require the use of websites and
>      > apps running ActiveX, Java, or Silverlight that need a legacy browser
>      > for it to work. You can now get Legacy Browser Support which will
>      > allow you to easily switch between Firefox and your legacy browser of
>      > choice. You can add websites to the policy and when your users try to
>      > access the site via the URL bar or a link, it will open in the legacy
>      > browser automatically. Legacy Browser Support requires a native
>      > component installed via MSI as well as an extension.
>      >
>      > Share your thoughts on ESR Release Cadence
>      >
>      > We would love your feedback in our current cadence of Firefox
>      > Extended Support releases.
>      >
>      > Today, an ESR life cycle spans between 9 months to a year. We would
>      > like to understand if a shorter life cycle, with more releases each
>      > year, would help meet the needs of you and your organization.
>      >
>      > We believe faster cycles will allow more flexibility to back port
>      > features and functionality to the ESR and will reduce occurrence of
>      > web app compatibility issues that arise due to the ESR being too
>      > outdated. While the ESR helps lower QA overhead through less frequent
>      > updates, would a biannual release bring more benefits to you? Please
>      > chime in on this feedback form<https://forms.gle/jdwWYKQ3inqP3jwL9>.
>      >
>      > Want to receive enterprise news?
>      >
>      > This is our second note to you in the past few weeks and we would
>      > like to share more news about our enterprise work as new features and
>      > offerings are developed. If my recent emails have been helpful, I’d
>      > love to have you complete this brief
>      > form<https://www.mozilla.org/en-US/firefox/enterprise/signup/> to
>      > receive periodic news from our enterprise team.
>      >
>      > Thanks
>      > Mike Kaply
>      > Technical Lead, Enterprise Firefox
>     _______________________________________________
>     Enterprise mailing list
>     Enterprise at mozilla.org
>     https://mail.mozilla.org/listinfo/enterprise
> 
>     To unsubscribe from this list, please visit
>     https://mail.mozilla.org/listinfo/enterprise or send an email to
>     enterprise-request at mozilla.org with a subject of "unsubscribe"