Sign Torbutton XPI updates
"Disable updates during Tor usage" is enabled by default. Does Firefox check the certificate signature of AMO or can this update be subverted by MITM via rogue CA (which is a realistic concern for Tor's threat model)?
Secondly, is it a good idea to trust AMO infrastructure and upstream developers or shouldn't we first review the addon updates before deploying to TBB users via updates signed by Torproject?
Usually this only concerns NoScript updates, which happen frequently but are never really high priority.
Eventually there'll be an autoupdate for the whole TBB anyway (so I heard).