Extensions: require all updates to be digitally signed #747
Description
This is a follow up to #746 (comment). We currently support extension server APIs that require extension signature verification, but if one doesn't, or there isn't a public key for a server, we just give a warning and proceed. We should change this to abort the update in these cases instead.