|
|
| (17 intermediate revisions by the same user not shown) |
| Line 1: |
Line 1: |
| ''Last Updated: 3 Jan 2017'' | | '''Mission''': Use modern cryptography to improve the security and privacy of Firefox |
| | |
| | Protect Firefox users on the Internet through up-to-date cryptographic protocols |
| | |
| | * Maintain the cryptography and transport security library that powers Firefox, [[NSS]] |
| | * Enforce the technical policies of the Mozilla [[CA|CA Certificate Program]] |
| | * Lead the adoption of cryptographic technologies to improve security throughout Firefox |
|
| |
|
| = Crypto Engineering Projects = | | = Crypto Engineering Projects = |
| Line 8: |
Line 14: |
| NSS is the cryptography and transport security library that powers Firefox. | | NSS is the cryptography and transport security library that powers Firefox. |
|
| |
|
| * 2017 Q2: [[NSS/Demos|[MWOS] Add new NSS demonstration code]] to show how to use NSS in a modern way.
| |
| * 2017 Q2: [[NSS/ARGON2|[MWOS] Implement Argon2]] to provide a basis to modernize the Master Password in Firefox.
| |
| * 2017 Q2: Implement hardware crypto accelerations on OSX and ARM
| |
| * 2017 Q3: [[NSS/BoGo_Tests|Integrate BoGo's integration tests into NSS builds]].
| |
| ** The automated tests for NSS are mostly unit tests. Integration testing was historically assumed to happen at Firefox, but that's limited. BoGo is a rich set of integration tests that can diagnose protocol issues during automated testing.
| |
| * 2017 Q4: Post-Quantum Research and Development.
| |
| ** Mozilla is intending to join the efforts in developing cryptography that will remain secure once quantum computers come online. This is expected to be a long-duration R&D effort.
| |
|
| |
|
| == PSM == | | == PSM == |
| PSM performs the business logic of deciding whether a given secure network connection is actually trustworthy. It applies logic from the user's choices, the Mozilla Root Program, and the platform in order to make a trust determination. E.g., whether to show a connection as secure. | | PSM performs the business logic of deciding whether a given secure network connection is actually trustworthy. It applies logic from the user's choices, the Mozilla Root Program, and the platform in order to make a trust determination. E.g., whether to show a connection as secure. |
|
| |
|
| * 2016 Q4 / 2017 Q1: Re-architect PSM/NSS interaction to eliminate shutdown crashes. | | * [[Security/CryptoEngineering/Intermediate Preloading|Intermediate Preloading]] |
| ** The interaction between PSM and NSS is extremely old, and doesn't follow the modern methods Gecko uses to initialize and shutdown modules. As such, NSS sometimes crashes when shutting down; this is a leading crash on Android. Fixing this is a substantial architectural change.
| | * [https://bugzilla.mozilla.org/show_bug.cgi?id=1464828 OS-supplied Data at Rest Protections] |
| ** Details here: [[Security/CryptoEngineering/Platform Use of NSS|Platform Use of NSS]]
| |
| * 2017 Q2: Speed up TLS handshakes | |
| * 2017 Q2: Continue work on our Certificate Transparency implementation and test infrastructure
| |
| * 2017 Q3: Move error-string formatting for our error pages into the front-end JavaScript
| |
| * 2017 Q3: Retool the "See more" sections of error pages using JavaScript to provide more help
| |
|
| |
|
| == Web Authentication == | | == Web Authentication == |
| Password authentication is known to be a security liability on the Web. The [https://www.w3.org/TR/webauthn/ W3C Web Authentication Working Group is developing a specification] for using Scoped Credentials to supplement or replace passwords. Mozilla intends to implement Web Authentication (WebAuthn) specification.
| | See [[Security/Web Authentication]] |
| | |
| * 2016 Q2: FIDO U2F v1.1 JS API landed, hidden behind preferences.
| |
| ** You can test a "Soft Token" using any recent version of Firefox using the instructions at https://u2f.bin.coffee/
| |
| * 2017 Jan: Draft WebAuthn JS API available, hidden behind a pref, using the Soft Token from U2F.
| |
| ** [https://groups.google.com/d/msg/mozilla.dev.platform/F0rCRF8z87E/CPh7dIJ9BQAJ Intent to Implement Announcement]
| |
| ** [https://lists.w3.org/Archives/Public/public-webauthn/2017Jan/0083.html Ready For Experiment Announcement]
| |
| * 2017 Q2: Support USB HID U2F devices on Linux, Mac OS X, and Windows. [https://github.com/jcjones/u2f-hid-rs/ rust u2f-hid-rs library]
| |
| * 2017 Q2-3: Integrate USB HID U2F devices with the WebAuthn JS API.
| |
| ** [https://bugzilla.mozilla.org/show_bug.cgi?id=1380270 Bug 1380270: Add libudev support to the tree]
| |
| ** [https://bugzilla.mozilla.org/show_bug.cgi?id=1388843 Bug 1388843: Add u2f-hid-rs rust library to the tree]
| |
| ** [https://bugzilla.mozilla.org/show_bug.cgi?id=1388851 Bug 1388851: Tie u2f-hid-rs rust library into WebAuthn's U2F HID Manager]
| |
| * 2017 Q2-3: Update to Working Draft 5 of the WebAuthn JS API.
| |
| ** Done in Firefox 56
| |
| * 2017 Q3: Integrate USB HID U2F devices with the WebAuthn JS API.
| |
| ** [https://bugzilla.mozilla.org/show_bug.cgi?id=1245527 Bug 1245527: Tie U2F JS API into WebAuthn's U2F HID Manager]
| |
| *** This will enable hardware support when [https://bugzilla.mozilla.org/show_bug.cgi?id=1388851 Bug 1388851] lands.
| |
| * 2017 (late): Support USB HID CTAP devices on desktop platforms. (Exact version TBD)
| |
| * 2017 (late): Update to the Candidate Recommendation of the WebAuthn JS API.
| |
| * 2018: Support WebAuthn for mobile Firefox.
| |
| | |
| | |
| All of the above dates are for landing in Firefox Nightly.
| |
| | |
| '''Goal''': permit use of U2F tokens via a user-controllable preference (not on by default) in Firefox 56 or 57, and Web Authentication (on by default) in Firefox 57 or 58. (See [[RapidRelease/Calendar]])
| |
| | |
| === Unstable Build: 28 August 2017 ===
| |
| | |
| This build contains all of the above patches for Bug 1380270, Bug 1388843, Bug 1388851, and Bug 1245527. It also generally has some small fixups that will also make it somewhere or other.
| |
| | |
| * OSX: https://queue.taskcluster.net/v1/task/EEFV8kReSEGQL5Ju9be1jA/runs/0/artifacts/public/build/target.dmg
| |
| * Windows 64: https://queue.taskcluster.net/v1/task/OiarfVMeQ9Ciktw0CKHcdw/runs/0/artifacts/public/build/target.zip
| |
| * Linux: Unavailable at TaskCluster for now, due to [https://treeherder.mozilla.org/logviewer.html#?job_id=126547385&repo=try&lineNumber=8105 libudev not being available to the rust compiler]
| |
| | |
| Enabling debugging (example for OSX):
| |
| | |
| MOZ_LOG="webauthnmanager:5, webauth_u2f:5, webauth_u2f:5, u2fkeymanager:5, u2fhidtoken:5, u2fmanager:5" ~/Desktop/NightlyDebug.app/Contents/MacOS/firefox
| |
| | |
| This build supports WebAuthn WD-05 and U2F v1.1 using hardware tokens. This build passes at:
| |
| * https://u2f.bin.coffee/
| |
| * https://u2fdemo.appspot.com/
| |
| | |
| It does not work with some form of attestation-signature error at:
| |
| * https://demo.yubico.com/u2f
| |
| * Github
| |
| | |
| | |
| == DOM Security ==
| |
| * 2017 Q2: Enable [https://wicg.github.io/hsts-priming/ HSTS Priming] in Firefox Beta
| |
| * 2017 Q2: Update our Mixed Content Blocking implementation to the [https://www.w3.org/TR/mixed-content/ W3C Candidate Recommendation]
| |
| * 2017 Q3: Release paper on HSTS Priming approach
| |