1 Topic by camrdale

(4 replies, posted in Requests)

This is more of a curiosity for why you have chosen to do things this way, as opposed to a request to change them.

I was wondering why you don't expand on the Enigmail Thunderbird extension to work with Firefox rather than starting from scratch? Enigmail already has all the routines for connecting securely to the gpg program, all it needs is the interface to work with firefox. Instead of redoing all this, why not make use of the mature and secure Enigmail routines, and just focus all your attention on the Firefox/Gmail user interface? I think the end result would be a better extension (though I'm sure you have your reasons for starting from scratch).

There's even a 3rd firefox extension with similar functionality: Enigform. I even found a post on the Enigform authors site suggesting that 'Enigmail, FireGPG and Enigform's (myself) authors should "sit down" and discuss [...] a standard key-management interface (Enigmail's, for example)'. Have you heard from him about this? Here's the post: http://foros.buanzo.com.ar/viewtopic.php?f=37&t=231

Go to forum: Requests

2 Reply by camrdale

(9 replies, posted in New versions)

Thanks for the PM, but I am still unconvinced.

> - You aren't have to restart FF I you will restart it later...

Then I don't get the update until later. You're basically saying there's an important update, but not so important that I shouldn't restart Firefox? Is there a problem with the standard FireFox update scheme? It seems to work (and very quickly) for yours and every other extension I have.

> - Maybe you update as fast a possible, but not every body, there are some users who simply turn off the updates.

Right, they've turned off the updates, maybe for a good reason, and you're forcing them to be back on! Warn them on installation that updating is recommended, or add an option to disable the automatic firegpg updates and put a big fat warning next to it saying "it's not recommended" or "make sure the standard firefox updates are enabled", or something.

> - With debian package, old repository versions will not be updated.

I don't understand. You won't be updating the package in the Debian repository? I believe that will get your package quickly removed from the repository.

If you must, go ahead and do everything you can to make the default to check for upgrades, but please please PLEASE give me (and others) a simple option to disable it so I don't have to be faced with update messages all the time if I'm willing to live with the consequences.

Thanks,
Cameron

Go to forum: New versions

3 Reply by camrdale

(9 replies, posted in New versions)

the_glu wrote:

- Auto detect new versions and propose updates for FireGPG.
Every 24 hours FireGPG will check if it can be updated.  If it can, you will be asked to update. We did this for a few reasons: First, because FireGPG is a critical addon with security, we feel a rapid update process is required. Next, FireGPG will be packaged on Debian servers.  Since an FireGPG update would require a package update, we are setting it up for FireGPG to update itself.  The update system is totally anonymous.

I understand your desire to want to keep this up to date, but I don't see the necessity of going outside the normal Firefox update process to do so. Whenever I (re)start my firefox (which is at least once every 24 hours) I am always promptly informed of updates to extensions. This happens before FireFox loads, which is ideal. Your update process is annoying as it occurs after FireFox loads, and so caused me to lose my saved browser state (tabs and such).

I also use Debian, and will switch to the package when it's released to unstable, but I would still prefer NOT to receive your updates over the web, but rather through the VERY competent Debian update and security-update processes.

If you're not willing to remove the automatic updates, at least think about please providing a configuration option to disable the automatic update process for others such as myself.

FYI, this issue caused a stir recently on the Debian Policy mailing list in regards to Azureus's use of similar automatic updates. The consensus seemed to be that such a feature should be disabled on debian systems, which I suspect means you might have trouble getting a package into Debian that supports the automatic update feature. Here's an example post from a prominent Debian Developer on the subject: http://lists.debian.org/debian-policy/2 … 00034.html

Thanks for the great product,
Cameron

Go to forum: New versions