Mission: Use modern cryptography to improve the security and privacy of Firefox

Protect Firefox users on the Internet through up-to-date cryptographic protocols

• Maintain the cryptography and transport security library that powers Firefox, NSS
• Enforce the technical policies of the Mozilla CA Certificate Program
• Lead the adoption of cryptographic technologies to improve security throughout Firefox

Crypto Engineering Projects

Our team's major projects are broken down by module:

NSS

NSS is the cryptography and transport security library that powers Firefox.

PSM

PSM performs the business logic of deciding whether a given secure network connection is actually trustworthy. It applies logic from the user's choices, the Mozilla Root Program, and the platform in order to make a trust determination. E.g., whether to show a connection as secure.

• Intermediate Preloading
• OS-supplied Data at Rest Protections

Web Authentication

Password authentication is known to be a security liability on the Web. The W3C Web Authentication Working Group is developing a specification for using Scoped Credentials to supplement or replace passwords. Mozilla intends to continue supporting the Web Authentication (WebAuthn) specification.

Useful testing sites

Web Authentication:

• https://webauthn.bin.coffee/
• https://webauthn.io/
• https://webauthndemo.appspot.com/
• https://demo.yubico.com/webauthn/

U2F (behind a pref, experimental, not released):

• https://u2fdemo.appspot.com/
• https://github.com/
• https://u2f.bin.coffee/
• https://demo.yubico.com/u2f