When you install an add-on, Firefox checks that it has been verified or "signed" before proceeding. Unsigned add-ons have not yet been reviewed by Mozilla and might cause security issues. If an add-on is unsigned, Firefox will display a warning message and prevent the add-on from installing.
Why do add-ons need to be verified?
Add-ons that change your browser's settings without your consent or steal your information have become increasingly common. In order to protect you against these attacks, developers must follow security guidelines before Mozilla signs them.
Where can I find signed add-ons?
All add-ons hosted on addons.mozilla.org are signed before they are listed.
Add-ons hosted on other sites may or may not be signed by Mozilla. Firefox allows you to install add-ons from other sites, as long as they follow the add-on safety guidelines.
Override add-on signing (advanced users)
You can temporarily override the setting to enforce the add-on signing requirement by changing the preference xpinstall.signatures.required to false in the about:config page. Support is not available for any changes made to these settings so please do this at your own risk. Signing will be mandatory with no override, in Firefox 47 beta and release versions. For details, see this Mozilla blog.
