Security/Features/WebCrypto

From MozillaWiki
Jump to: navigation, search
Please use "Edit with form" above to edit this page.

Status

Web Cryptography API
Stage Design
Status In progress
Release target `
Health OK
Status note `

Team

Product manager Sid Stamm
Directly Responsible Individual `
Lead engineer TBD
Security lead `
Privacy lead `
Localization lead `
Accessibility lead `
QA lead `
UX lead `
Product marketing lead `
Operations lead `
Additional members `

Open issues/risks

`

Stage 1: Definition

1. Feature overview

[1]

The API is a JavaScript API for performing basic cryptographic operations in web applications, such as hashing, signature generation and verification, and encryption and decryption. Additionally, it describes an API for applications to generate and/or manage the keying material necessary to perform these operations. Uses for this API range from user or service authentication, document or code signing, and the confidentiality and integrity of communications.

2. Users & use cases

(See the webcrypto draft for more details)

  1. Multi-factor Authentication
  2. Protected Document Exchange
  3. Cloud Storage
  4. Document Signing
  5. Data integrity protection
  6. Secure messaging
  7. Javascript Object Signing and Encryption

3. Dependencies

`

4. Requirements

`

Non-goals

Give all web content access to complicated low-level crypto primitives and key material.

Stage 2: Design

5. Functional specification

[2]

6. User experience design

`

Stage 3: Planning

7. Implementation plan

`

8. Reviews

Security review

`

Privacy review

`

Localization review

`

Accessibility

`

Quality Assurance review

`

Operations review

`

Stage 4: Development

9. Implementation

`

Stage 5: Release

10. Landing criteria

`


Feature details

Priority P2
Rank 999
Theme / Goal Web Hardening
Roadmap Security
Secondary roadmap `
Feature list `
Project `
Engineering team Security

Team status notes

  status notes
Products ` `
Engineering ` `
Security ` `
Privacy ` `
Localization ` `
Accessibility ` `
Quality assurance ` `
User experience ` `
Product marketing ` `
Operations ` `