monkeysphere XPI files should be internally cryptographically signed
We should be in the habit of "signing the XPI files we distribute":https://www.mozdevgroup.com/docs/pete/Signing-an-XPI.html
I suspect that this should be done with the "Monkeysphere Archive Signing Key":http://web.monkeysphere.info/archive-key -- that means we need to think about how to convert the existing Archive Signing Key into a PKCS#11 item that we can comfortably use for this purpose.
(from redmine: created on 2010-04-02)
Edited by John Scott