SecurityEngineering/MeetingNotes/2014-04-07

From MozillaWiki

Agenda 2014-4-7

CHAIR: Sid Stamm

Agenda:

  • Org changes discussion (as necessary)
  • 2014 Q1 Goals finalization
  • 2014 Q2 Goals planning

2014 Q2 Goals Brainstorm

Web Platform Security:

  • [dri=tanvi](?) replace nsIContentPolicy (the Sicking project)
    • and maybe lift out secureUIimpl stuff?
  • [dri=ckerschb] Make new CSP parser on by default in nightly (ckerschb) (grobinson)

Secure Platform:

  • [dri=rbarnes] Land WebCrypto (Bug 865789) (rbarnes)
    • Come up with a story on hardware crypto / FIDO / smartcards?
  • [dri=bobowen] Tie sandbox enabling to e10s pref (enable remote tabs) (bobowen)
  • [dri=sstamm] Get open.h264 plugin sandboxed on Windows

Secure Communications:

  • nsSecureBrowserUIImpl makes babies and kittens cry (Bug 832834)
    • (Refactor it)
  • [dri=cviecco] (?) Constrain French CA
  • [dri=cviecco] Land key pinning (cviecco) (keeler) (tanvi)
  • [dri=keeler] mozilla::pkix on by default, (riding the train to) / (targeting a) release (Kathleen)
  • min 1023 bit RSA key sizes for all certs
  • BONUS: [dri=kathleen] (?) Deploy UI for cert error reporting

Tracking Protection / Privacy:

  • Sink another month into privacy badger to get it to Alpha
  • Re-pitch launching it as an EFF/Mozilla project to Alex and co.
  • [dri=mmc] Get through the next 2 releases (1.0.10 and 1.0.11) of Lightbeam: https://github.com/mozilla/lightbeam/issues/milestones towards the goal of conducting a small user study on tracking protection (@TheRealMMC)
  • Implement blocking heuristics in lightbeam
  • Create and publicize solid plan for integrating lightbeam into Firefox
  • explore protection from wifi tracking on b2g