Prod Sec Org Update (lucas)

• bsterne - Research & Testing
• sid - Privacy
• curtisk - Lifecycle
• Notes from our sec product team meeting https://wiki.mozilla.org/Security/Meetings/2011-08-10

BH / Defcon

• add your notes please
• https://wiki.mozilla.org/Security/Conferences/BlackhatDefcon2011

Joint Roadmap (yvan)

• updates coming from our input
• Discussed ways to improve engagement, identifying key questions or indicators of what degree of security review is required
• Some changes to organization of the security review roadmap
• 2 web sec reviews underway with this version, with a third starting up soon (Notifications)

Password Reset Policy

• concers over how some passwords are reset
• rather than policies for policy sake some things need a good and clear policy, this is specificly for resets in IT
  • https://intranet.mozilla.org/ITPolicies#Password_Reset_Policy

project update

• pancake - firefox home
  • portal or homepage for users, uses history; suggests new & interesting pages to users
  • we may be storing history data on our servers in this scenario (a search portal with history)
  • target audience is iPad iPhone
  • integrating authenticated results (??)

browser id

• crypto verifier being worked on
• major ux redev
• fixes coming