SecurityEngineering/MeetingNotes/08-22-13
From MozillaWiki
Standing Agenda
- Q3 Goals Recap ( https://wiki.mozilla.org/SecurityEngineering/2013/Q3Goals#Q3_Goals )
- Review roadmap priorities to ensure they accurately reflect active projects and Mozilla's priorities
- Suggest additions or changes to roadmaps
- Detailed discussion of features or outstanding issues as time permits
- Additional Items
- Upcoming events, OOO/travel, etc.
Last week: https://wiki.mozilla.org/SecurityEngineering/MeetingNotes/08-08-13
Agenda 08-22-13
- Q3 Goals Recap
- Site security data storage in PSM: http://people.mozilla.com/~dkeeler/simplestorage.html
  - Let's stop using the permission manager for HSTS
  - Read proposal and send keeler feedback
- Congrats new cookie module owner!
- Web Console Security Messages Blog Post: https://etherpad.mozilla.org/Yhevr8zflo
- Web Console Security pane & Net pane discussion take 2
  - Edge cases that would cause inconsistency are listed here: https://bugzilla.mozilla.org/show_bug.cgi?id=875456#c37
Q3 Goals
- [ON TRACK] Finish first phase of Sandboxing
  - Outcome: seccomp in e10s/Larch or on nightly + clear roadmap
  - DRI: Sid
  - Tasks:
    - Consult : E10S contributions to make it reasonably usable in nightly (without extensions/plugins). assign: ALL as appropriate
    - Implement : [NEW] Fix window.crypto to work in E10S
    - Implement : [NEW] Fix CSP tests to work in E10S (garrett + sid)
    - Implement : [AT RISK] land seccomp for Linux (min bar for sandboxing) (keeler; part of an old patch for bug 790923)
    - Research : [NEW] Prioritize seccomp tightening steps, begin executing it (sid)
    - Research : [NEW] Create story/plan for addon compatibility (monica)
- [ON TRACK] Cookie Clearinghouse
  - Outcome: Identify feasibility and nail down spec
  - DRI: Monica
  - Tasks:
    - Implement : [NEW] spec out and make go/nogo decision on implementation
    - Consult : [NEW] drive Stanford effort to stable spec
- [AT RISK] Implement alternative revocation checking mechanisms
  - Outcome: must-staple + pinning + insanity on by default in nightly
  - DRI: Camilo
  - Tasks:
    - Implement : [AT RISK] Enable insanity::pkix validation by default on nightly
    - Implement : [NEW] Land key pinning
    - Implement : [NEW] Land must-staple support
- [ON TRACK] SafeBrowsing 2.0
  - Outcome: App reputation whitelist on by default in nightly
  - DRI: Monica
  - Tasks:
    - Implement : [NEW] Land app reputation system with whitelist support