• Time: (Weekly) Tuesday at 13:30 PM PDT / 16:30 PM EDT / 21:30 PM UTC.
• Place: Mozilla HQ, MTV 217 Star Trek
• Phone (US/Intl): 650 903 0800 x92 Conf: 95217#
• Phone (Toronto): 416 848 3114 x92 Conf: 95217#
• Phone (US): 800 707 2533 (pin 369) Conf: 95217#

Agenda

(feel free to add things you would like to discuss)

• [joes] No Security Assurance work week planned
• [joes] Services (dev) is having a work week in MTV this week
• [curtis] stats
  • what stats do we think are important to talk about (for each team)
  • what stats do we think are important to report up the chain?
    • waiting time: if we're a team that provides security services, people need to know how long they have to wait in line.
    • why specifically "up the chain" rather than publicly, or to the relevant development team? < because we need to communicate internally to mgmt before we go public with info; not mgmt, internally. no reason to withold data from staff
  • Question from joes: what stories do our stats tell? Who is the audience?
    • we don't know that yet
  • Question from joes: Can the stats be sent to a mailman list of interested parties? Recommend not sending automated mail to nightwatch@.
    • that would be the general idea, but to some degree we should have internal metrics that everyone on the should be aware of and using to guide work
• [ulfr] HA Proxy termination in AWS (5 mins)
  • https://jve.linuxwall.info/ressources/taf/haproxy-aws/
• [mgoodwin]
  • What's going on in Fennec (4 mins max)
• [pauljt] (3 mins)
• HITB
  • Not looking good (sponsoring it)
  • Paul is looking for help
  • Question: What value do we get in sponsoring it?
  • Action Item: Conversation needed about sponsoring and attending conferences -> Security Council discussion on April 7.
• [dveditz] (2 mins)
  • Special bug bounty program for mozilla::pkix
• [yvan] (3 mins)
• Web Security / Cloud Services Update

Silent Updates

• [joes] OpSec Q2 goals in progress. Will email out tomorrow.