SecurityEngineering/MeetingNotes/2013-04-28
From MozillaWiki
Agenda 2014-04-28 CHAIR: Monica Agenda:
- 2014 Q2 Goals recap - do we want to add a goal around CRL sets? (and postpone a current goal?)
- DNT (working group last call + telemetry stats) [sid]
- Tracking Preference Expression (TPE) is standard for DNT, the header
- Little guidance on compliance from the working group, prioritizing technical expression (compliance doc is forthcoming)
- SF is going to be a MV day tomorrow (Cantina)
- Cantina in all offices for Australis!
- Privacy Badger release estimated for Wednesday
- New CTO! Also, welcome new management overlord rbarnes
- Bug bounty update?
- None so far
- Testing is much better than the rest of gecko
- Heartbleed monitor add-on update (https://addons.mozilla.org/en-US/firefox/addon/heartbleed_monitor/ )
- New version of addon out
- No publicity planned, missed the market (buzz?) window
- CSP parser on track to land mostly by May 16
- Webcrypto reviews out, good feedback from keeler, camilo, bz, should be landed by end of May
- Starting FF 31, mozpkix enabled for all platforms/channels
- TBPL + sandbox: windows logging non-existing, try using procmon as service
- CRLSets: work channeled into addon with rbarnes and ggp
Action items for next week:
- (tanvi) create nsIContentPolicy replacement wiki
- (grobinson, ckerschb, sid) Start landing CSP parser
- (rbarnes) Land WebCrypto IDL interfaces
- (rbarnes) Make github for CRLSet addon
- (rbarnes) Document CRLSet/OCSP workflow