Notary is a XUL application that allows extension developers to sign their extensions, although it isn’t clear how well this will work. Signing is ridiculously expensive, and to cover hundreds of extensions would easily cost many tens of thousands. But we have options.
The bare bones of the project has been put up on the wiki. But I am open to suggestions, especially from extension developers on features they want to see.
There isn’t a solid timeline, because much/all of the security XPCOM stuff is undocumented. I put up notes on the wiki about things that are not obvious. Maybe someone should start putting this all together before someone else goes through what I went through.