Security/Meetings/SecurityAssurance/2014-01-14
From MozillaWiki
< Security | Meetings | SecurityAssurance
- Time: (Weekly) Tuesday at 13:30 PM PDT / 16:30 PM EDT / 21:30 PM UTC.
- Place: Mozilla HQ, 3A-All Your Base (3rd Floor)
- Phone (US/Intl): 650 903 0800 x92 Conf: 95316#
- Phone (Toronto): 416 848 3114 x92 Conf: 95316#
- Phone (US): 800 707 2533 (pin 369) Conf: 95316#
Agenda
- Goals [pauljt]
- [freddy] SubResource Integrity Spec, http://w3c.github.io/webappsec/specs/subresourceintegrity/
- Conference sponsorship - can you let pauljt know (email) if there are conferences that you think we should sponsor this year
- Flash discussion
- service-/websec team discussion
- user data discussion
- dchan at AppSecCali (Jan 27-28), PTO Jan 31
- dveditz at AppSecCali (Jan 27-28) plus some PTO after
Upcoming Speaking Engagements
(List it at these two locations too: https://developer.mozilla.org/en-US/events & https://wiki.mozilla.org/Security/Talks )
Planned Blog Posts
- [new] https://mana.mozilla.org/wiki/display/SECURITY/Security+Blog+Posts
- [old]https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0AlDw2hHXmVgCdHN3LWZTZ0hjMElPc1g2clRKb2lNN3c
Metrics
- Security Review Status (curtisk)=
- Completed in Q1:64 / Q2: 72 / Q3:55
- https://security-review-statistics.vcap.mozillalabs.com/weekly
- site is down for update, so this data is old
- https://people.mozilla.com/~sarentz/p/dashboard
- Check the status of bugs assigned to you
Operations Security Update (Joe Stevensen)
Project Updates
Please add your name to the update so we know who to follow up with
Firefox Desktop
Firefox Mobile
Firefox OS
- Big work weeks coming up next week in Poland (NFC, Payments), Taipei, elsewhere (media,
- Mainly focused
Firefox Core
MarketPlace
- [cr] mbasta (app-validator, marketplace reviewer tools) has left mozilla
Web Apps
Services
Operation Security
- all firefox accounts all the time
- jeff taking on malware domain reporting (i.e. latest-browser-update.net/Firefox et. al)
- what does that mean exactly? let's chat directly (cr) ;-]