I'm not sure if this is the right list for this, but I thought I'd
better bring this to your attention.
Previous release directories have carried checksum files, with
signatures and a key file that allows the various binary files to be
validated. See, for example,
http://releases.mozilla.org/pub/firefox/releases/45.0.1/
In the most recent release, at
http://releases.mozilla.org/pub/firefox/releases/45.0.2/ , these files
appear to be missing, making it impossible to validate the release files
as authentic.
This seems to me to be a backwards step for Firefox distribution
security. If this is an oversight, could it be remedied, please? If this
is a deliberate change, could someone please provide a rationale for the
changes?
Kind regards,
Neil Harris
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
