Firefox expired cert issue
Is anyone here seeing Firefox's inability to update Extensions?
Nobody it seems is able to use Firefox Addons for updating extensions.I use Firefox less than I used to but I cannot update extensions, including 1Password Extension?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
This may help I am not sure as I do not use FF.
0 -
Thanks for the quick reply! Yes. that is it. Being on OSX El Captian has its own set of issues, like being unable to run 1Password 7 which is what the linked discussion also suggested. I am on Windows 7 mostly.
0 -
This issue is unrelated to the version of 1Password you are using. It is an issue with the Firefox browser, so I you will see the same problem even if you upgraded to 1Password version 7.
As Ben mentioned in the discussion linked by thightower:
P.S. 1Password 6 is retired. You may want to consider upgrading to v7, though that has no bearing on this particular issue.
0 -
Thanks. You are right. I missed that part.
0 -
No worries at all :)
0 -
I have a number of add-ons which are unaffected by the Firefox certificate issue, so it's clear it can be done.
Why has 1Password chosen to participate in something so clearly susceptible to this kind of invasive control? What exactly is the technical imperative to choose this highly damaging paradigm? I know we're dealing with passwords and ultra-secure data, but surely that is contained within my system, and in that case, that is my concern, not yours.
If 1Password does not like the heat this Firefox matter is bringing to bear, solely by association, I respectfully suggest you immediately engineer a solution that extracts you from being aligned and constrained in this manner.
I'm not the developer here, but I sure am the victim, and I am none too impressed, on two counts.
0 -
Hi @securITy911! Welcome to the forum!
Reading the Firefox bug report, this affected every browser extension because it was a problem with the Firefox browser, rather than with the extensions running in it.
Why has 1Password chosen to participate in something so clearly susceptible to this kind of invasive control?
Can you please clarify what you mean by "invasive control" here and why you think 1Password is participating in such a thing? I am not sure I understand, and I don't see the connection with the Firefox issue.
What exactly is the technical imperative to choose this highly damaging paradigm?
Here too, I would appreciate it if you could explain what you mean by "highly damaging paradigm".
I know we're dealing with passwords and ultra-secure data, but surely that is contained within my system, and in that case, that is my concern, not yours.
It is also our concern in the sense that we do all we can to keep your data secure. But I see what you mean, and yes, we agree that your 1Password data is yours and only you should access it. We built 1Password specifically to do this.
If 1Password does not like the heat this Firefox matter is bringing to bear, solely by association, I respectfully suggest you immediately engineer a solution that extracts you from being aligned and constrained in this manner.
Do you mean not offering a Firefox browser extension anymore? Because otherwise I cannot see how we could foresee issues in other software.
I'm not the developer here, but I sure am the victim, and I am none too impressed, on two counts.
I hope you understand that we are not the developers of the Firefox browser. Because of this, we have no control over what happens over there (and with any other browser, for that matter), so we cannot prevent bugs from happening.
0 -
No, not all extensions were affected. I count 16 that are still functional in my configuration.
1Password has, for whatever reason, chosen to design its extension in a particular manner. This decision has been inextricably linked to Firefox's certificate authentication system, and has therefore caused disruption to user workflow.
That's what I mean by invasive control and damaging paradigm. If other extension developers have managed to escape this impact, 1Password would be well-advised to consider immediately revising its approach to the 1Password Firefox add-on to do the same, if at all technically feasible.
And that's what I mean by 'heat,' because by association, 1Password, like it or not, is party to the impact this failure has caused.
I am not blaming 1Password, and of course I know AgileBits is not the developer of Firefox. But if you are going to play in the Mozilla sandbox, I suggest you better know where the ticking time bombs are, and take preventative measures to isolate 1Password from those failures. With 'agile' in the company name, let's just see how quickly you can find a 1Password solution to the problem.
Finally, I don't consider something that is foreseeable and preventable a 'bug.' Calling it as such is an intentional misrepresentation of the facts. A "Firefox expired cert issue" is a rather different matter than misplaced code, and therefore brings a certain level of culpability with it.
Thank you.
0 -
I’m not even sure what you’re proposing. But we don’t have any involvement with Mozilla’s certificate or Firefox’s authentication system. We submit our extensions to them and they approve them, so you may want to take it up with them if you think they need to revise their system.
ref: FYZ-57512-323
0 -
This is an unfortunate consequence of working in someone else's environment. Just as our Mac application has to play by Apple's rules our Firefox extension has to play by Mozilla's. As for how some extensions continued to function for you — I'm not sure. Maybe those extensions aren't published on Mozilla's add-on site? Either way, I suspect if there is something within reason we can do to avoid this type of situation in the future, we will. Thanks for your feedback.
Ben
0
