Latest revision as of 08:23, 24 April 2023

ARCHIVED

This page has been archived and its contents may be out of date.

Please see Networking/TeamPriorities for team priorities.

General Priorities for All Team Members

These priorities apply to all team members at all times:

Resolve security bugs rated sg:moderate or higher.
Review requests older than one week.

These should be taken care of before any other work is done.

Individual Priorities

These priority lists should reflect the work that each individual is planning to do, in the order in which they plan to do it.

Only networking team members should be changing priorities. If you have questions about priorities or anything else on this list please email the relevant person or Josh Aas (networking team manager).

Michal Novotny

bug 436414, OCSP client should be able to use HTTP GET as well as POST
bug 558253, Proxy Auto Config (PAC) Extended functions for multi-resolution and ipv6

Jason Duell

Top Priorities:

Bug 558623 - e10s HTTP: combine PHttpChannel constructor with SendAsyncOpen/SendRedirect1Begin. Jason will do this.
[NEEDSBUG]: make JAR channels seekable. Jason will do this.
Bug 746073 - Meter network usage per "web app". Jason will do this.

Future:

781392 mochi.tests hitting proxy error on B2G hardware
782542 Secure necko IPDL usage
794978 Always delete app's cookies even if the cookies have not been loaded yet
799212 - Cookies: add test for webapps-clear-data with browserOnly=true
More reviews
711886 (write test for) Refuse connection if server replies with non-matching subprotocol
792238 - Convert IPC::SerializedLoadContext to use newer IPDL parameter style
benchmark Websocket latency peformance vs Chrome
Better error messages for HTTP CORRUPT error 688345.
698692 Make WebSocket.close() prevent any more events from firing
704447 Improve large blob support for WebSockets
write Necko e10s documentation

Honza Bambas

new cache implementation (70-80% of all my time dedicated to it)
improve event tracer
466524 allow ssl in xpcshell tests + * 766166 Have a service protocol to communicate with ssltunnel
871323 Fix and enable offline cache mochitests for B2G
627635 Make remote localStorage not block the UI main thread on disk IO
- I'd like to push this one to someone else
832540 Optimize child implementation of localStorage async database API
842777 preload webappsstore.sqlite on first access to warm cache + use CHUNK_SIZE of 1meg
834301 Implement memory reporter for DOM storage
851310 The wrong local storage area is shown to chrome code when a session-only exception applies
748620 When cookie expiration is set to ask every time, localStorage throws a security exception
536509 localStorage does not obey "third-party cookies" pref
more DOM storage followups (report them)

830391 Prevent null dereferences in nsDiskCacheDeviceSQL
814330 crash in nsOfflineCacheDevice::ChooseApplicationCache
423758 Firefox can't authenticate to IIS when minimum NTLM level set to v2

Nick Hurley

Patrick McManus

Major items (mostly serial)

TLS false start (q3 goal) 658222 713933
pinterest derived work 813707 (tracker) 792438 (block on head scripts) 813712 (connect some blockers) and 813715 (throttle bw of high parallelism)
HTTP2 prototype of SPDY with DNS SRV for IETF work
OCSP stapling with cache anticipation
OCSP GET w/local HTTP stack and cache for persistence (assuming sec ok)
SPDY push
SPDY/4 (dep: spec stable at this point)
TLS Cached Info for eliminating cert chain spills (dep: sec-ok, and stable spec)
Research on UDP based transports
Prioritization scheduling of partial resources to reduce ready-to-use time

Smaller items (as time allows in no particular order)

Telemetry for OCSP {Pass/Fail, Time}
Telemetry for OCSP Cache Anticipation
Telemetry for TLS Cipher Choice
804605 CNAME/NTLM regression of mine
Fixes to priority levels of existing requests (ping, favicon, etc..)
Read Handlers For SDPY need to be always engaged
SPDY: standardization issues
SPDY Test infrastructure

Steve Workman

Fix two security bugs assigned to me.
497003 Bug 497003: support sending OnDataAvailable() to other threads
Help implement new disk cache

@@ Line 1: / Line 1: @@
+{{Template:Archived}}
+Please see [[Networking/TeamPriorities]] for team priorities.
+= General Priorities for All Team Members =
+These priorities apply to all team members at all times:
+# Resolve security bugs rated sg:moderate or higher.
+# Review requests older than one week.
+These should be taken care of before any other work is done.
 = Individual Priorities =
+These priority lists should reflect the work that each individual is planning to do, in the order in which they plan to do it.
 Only networking team members should be changing priorities. If you have questions about priorities or anything else on this list please email the relevant person or [mailto:josh@mozilla.com Josh Aas] (networking team manager).
@@ Line 5: / Line 20: @@
 == [mailto:mnovotny@mozilla.com Michal Novotny] ==
-# {{bug|681546}}, Avoid large cache evictions as disk fills by smoothing "smart" max cache size
+# {{bug|436414}}, OCSP client should be able to use HTTP GET as well as POST
-# {{bug|682727}}, Crash during datamove (ACCESS VIOLATION READ)
-# {{bug|679296}}, a disk cached resource is not memory cached when in private browsing
-# review of {{bug|405407}}
-# {{bug|649564}}, Intermittent failure in test_socks.js
-# {{bug|648232}}, Clear Recent History should be async
-# {{bug|235853}}, [PAC] Defer proxy resolution for HTTP and HTTPS PAC to avoid blocking main thread during DNS resolution
 # {{bug|558253}}, Proxy Auto Config (PAC) Extended functions for multi-resolution and ipv6
-# {{bug|666059}}, Only use memory cache for private browsing
-# Stop deleting disk cache after a crash
-# Help with mobile disk cache
-== [mailto:bherland@mozilla.com Bjarne Herland] ==
-# Work on mobile cache (essentially bug {{nbug|645848}})
-## Refine the microbenchmarks
-## Run these and analyze results from mobile
-# Awaiting review {{nbug|667593}}
-# Waiting for feedback on bugs {{nbug|668207}} and {{nbug|628998}}
-# Fix bug {{nbug|661115}}.
-# Work on bugs {{nbug|575928}}, {{nbug|613159}}
-# Understand implications and consequences of bug {{nbug|602611}} better
 == [mailto:jduell@mozilla.com Jason Duell]  ==
-# reviewing {{nbug|215450}} (> 2GB uploads), {{nbug|536324}} dwitte's 64-bit Content-Length patch.
+Top Priorities:
-#Finishing up [https://bugzilla.mozilla.org/buglist.cgi?cmdtype=runnamed&namedcmd=websockets&list_id=1110823 various websockets bugs]
-#Follow up HTTP headers work {{nbug|669259}}.
-#Review Nick's e10s error-handling for FTP {{nbug|657076}}
-#lots of little bugs and more reviews...
-#add documentation on e10s necko
-== [mailto:bsmith@mozilla.com Brian Smith] ==
-* Ongoing: Help intern David Keeler on DNSSEC-based TLS (Keelerification).
+# Bug 558623 - e10s HTTP: combine PHttpChannel constructor with SendAsyncOpen/SendRedirect1Begin. Jason will do this.
+# [NEEDSBUG]: make JAR channels seekable. Jason will do this.
+# Bug 746073 - Meter network usage per "web app". Jason will do this.
-Right Now:
+Future:
-# Bug {{nbug|650858}} and bug {{nbug|619198}} - Instantiating nsICertOverrideService at startup throws NS_ERROR_XPC_GS_RETURNED_FAILURE and makes Firefox unusable / nsStrictTransportSecurityService can be created off main thread and uses non-threadsafe nsPermissionManager
-# Bug {{nbug|624514}} - PSM accesses pref service off the main thread - have patch, need to test.
-# Bug {{nbug|640625}} - PKCS#12 does not iterate hashing - patch needs to be checked in
-# Bug {{nbug|593077}} - Remove SSL 2.0 support  - almost done, need to tweak patch
-# Bug {{nbug|665814}} - [hidden] - Need to update patch based on feedback from Oracle
-# bug {{nbug|590364}} - Stop accepting MD5 as a hash algorithm by June 30, 2011
-# bug {{nbug|650355}} - Stop accepting MD5 as a hash algorithm in PSM on June 30, 2011
-# bug {{nbug|674147}} - Remove the SSL thread - preliminary WIP patch in bug. Depends on bugs that have patches.
-# Bug {{nbug|511393}} - Use multiple SSL worker threads - looks like we will WONTFIX this in favor of removing the SSL thread.
-# Bug {{nbug|668397}} - hidden - patch reviewed and WTC landed the critical part.
-# Bug {{nbug|674148}} - De-serialize certificate chain validations (needed only if we choose to fix bug 674147 instead of fixing bug 511393).
-# Integrate NSS 3.12.11 into mozilla-central.
-I will be on PTO from July 27th through Aug 1st. I will be at Blackhat August 2nd through August 5th. I will be at USENIX August 10th - 12th.
+# {{nbug|781392}} mochi.tests hitting proxy error on B2G hardware
+# {{nbug|782542}} Secure necko IPDL usage
-Later:
+# {{nbug|794978}} Always delete app's cookies even if the cookies have not been loaded yet
-# {{nbug|664542}} - hidden
+# {{nbug|799212}} - Cookies: add test for webapps-clear-data with browserOnly=true
-# {{nbug|508633}} - Unresponsive OCSP server should not be treated as revocation
+# More reviews
-# Test PSM using libpkix vs current cert chain building using SSLLabs and/or EFF SSL Observatory data sets.
+# {{nbug|711886}} (write test for) Refuse connection if server replies with non-matching subprotocol
-# Bug 660749 - PSM doesn't revalidate certificates of resources from the cache.
+# {{nbug|792238}} - Convert IPC::SerializedLoadContext to use newer IPDL parameter style
-# Remove support for weak crypto (https://www.wsjsafehouse.com/)
+# benchmark Websocket latency peformance vs Chrome
-# Fix bug {{nbug|650307}} - Certificate chain is verified twice for EV certificates
+# Better error messages for HTTP CORRUPT error {{nbug|688345}}.
-# Fix bug {{nbug|481656}} - Change cert viewer to validate/build cert chains the same way they are used for trust decisions
+# {{nbug|698692}} Make WebSocket.close() prevent any more events from firing
-# Fix bug {{nbug|650296}} - PSM may report a different certificate error than what was originally encountered
+# {{nbug|704447}} Improve large blob support for WebSockets
-# Drive certificate exclusion standard (DANE, or a lightweight DANE-like mechanism) forward
+# write Necko e10s documentation
-# Any libpkix fixes identified during libpkix testing.
-# Fix bug {{nbug|651246}} - Make libpkix-based certificate path building/validation the default in PSM (bigger project than I initially expected; see growing list of blocking bugs. Will require lots of testing.)
-# Review rrelyea's patches for bug {{nbug|470994}} (and related bugs) - Complete active distrust in NSS
-# TLS compression (Google already wrote patches, but they may require some cleanup and we need to enable the feature in PSM.)
-# Patches to NSS needed to support NSS/PSM startup time improvements (bug {{nbug|648407}}, bug {{nbug|648435}}, bug {{nbug|648431}})
-# Review bug {{nbug|360420}} - Implement OCSP Stapling, and follow-ups to enable the feature in PSM
-# Finalize NSS release and import into mozilla-central
-# PSM startup time improvements (bug {{nbug|648407}}, bug {{nbug|648435}}, bug {{nbug|648431}})
-# Drive decision on acceptable cert validation staleness (no bug, related to bug {{nbug|643916}}, will try to pass off to Gervase)
-# Implement subscription-based blocklisting of certs via update ping (Bug {{nbug|647868}}, bug {{nbug|643982}}) - High risk of slipping
-# Fix bug {{nbug|646156}} - Delete or Distrust doesn't work with multiple selected certs
 == [mailto:hbambas@mozilla.com Honza Bambas] ==
-Priority
+* new cache implementation (70-80% of all my time dedicated to it)
-# bug {{nbug|676349}} Implement high-resolution platform timers for the Windows platform (has first review, I need to update the patch)
+* improve event tracer
-# Offline Application Cache feature, can we use it to optimize load time of pages that don't change resources often?
+* {{nbug|466524}} allow ssl in xpcshell tests + * {{nbug|766166}} Have a service protocol to communicate with ssltunnel
-# bug {{nbug|656943}} test_offlineMode.html | Able to fetch unlisted resource, not properly associated
+* {{nbug|871323}} Fix and enable offline cache mochitests for B2G
-# bug {{nbug|634084}} Assertion failure: ready > 0 Crash
+* {{nbug|627635}} Make remote localStorage not block the UI main thread on disk IO
-# DNS hostname cache (resolve hosts previously needed by document-level host)
+** I'd like to push this one to someone else
-# Happy Eyeballs
+* {{nbug|832540}} Optimize child implementation of localStorage async database API
+* {{nbug|842777}} preload webappsstore.sqlite on first access to warm cache + use CHUNK_SIZE of 1meg
+* {{nbug|834301}} Implement memory reporter for DOM storage
+* {{nbug|851310}} The wrong local storage area is shown to chrome code when a session-only exception applies
+* {{nbug|748620}} When cookie expiration is set to ask every time, localStorage throws a security exception
+* {{nbug|536509}} localStorage does not obey "third-party cookies" pref
+* more DOM storage followups (report them)
-Less priority
+* {{nbug|830391}} Prevent null dereferences in nsDiskCacheDeviceSQL
-# Continue on reviewing pipelining patches from Patrick McManus
+* {{nbug|814330}} crash in nsOfflineCacheDevice::ChooseApplicationCache
-# bug {{nbug|671875}} Ensure transport events are correctly propagated with the new pipelining code
+* {{nbug|423758}} Firefox can't authenticate to IIS when minimum NTLM level set to v2
-# change httpd.js to support keep-alive and pipelining (have first reviews from Jeff Walden)
-# Bug {{nbug|654081}} Firefox 4 doesn't cache font file in TTF or WOFF format (analyze)
-# Bug {{nbug|652440}} auto dial helper does not pop up when open web page
-# Bug {{nbug|660749}} Firefox doesn't (re)validate certificates when loading HTTPS page
-# bug {{nbug|671568}} Add telemetry for HTTP connections utilization
-# bug {{nbug|671884}} Add telemetry for 304 HTTP response
-# check on bug {{nbug|511393}} De-serialize SSL traffic
-Next
-# Mixed content detection
-# Bug {{nbug|650279}} - Add timing interface for SSL handshake
-# Bug {{nbug|657584}} - Optionally record & return details timing information for certificate path validation / revocation checking
-# Bug {{nbug|562917}} - implement captive portal detection
-# Bug {{nbug|480878}} - Generic crash nsSSLThread::requestRecvMsgPeek (depends on Brian's work on removing the SSL thread)
 == [mailto:hurley@mozilla.com Nick Hurley] ==
-# Understand & document current disk cache architecture
+# [[Necko/Performance/AutomatedTesting|Stone Ridge]]
-# Mobile disk cache stuff
+# [https://bugzilla.mozilla.org/buglist.cgi?list_id=1427425&emailtype1=exact&emailassigned_to1=1&query_format=advanced&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&email1=hurley%40mozilla.com Bugs]
-# Fix bugs {{nbug|41489}}, {{nbug|639959}}
-# Work periodically on [[NeckoNet]]
 == [mailto:pmcmanus@mozilla.com Patrick McManus] ==
-# SPDY {{nbug|528288}}
+Major items (mostly serial)
-# Websockets - content API is now out of date
+# TLS false start (q3 goal) 658222 713933
-# Get HTTP pipelining patches into the tree. tracking bug {{nbug|603503}} which includes sub bugs  {{nbug|232030}}  {{nbug|447866}} {{nbug|597684}}  {{nbug|599164}} {{nbug|602518}} {{nbug|603505}} {{nbug|603506}} {{nbug|603508}} {{nbug|603512}} {{nbug|603513}} {{nbug|603514}} {{nbug|615342}} {{nbug|631801}} (this one needs an update by me) {{nbug|632496}}. Primarily waiting on review cycle from honzab, also on operations to do something with 648091. I also continue to actively test and tweak these patches and have recently tried (with mixed success) to break them down and make them a little more accessible. That is ongoing work.
+# pinterest derived work 813707 (tracker) 792438 (block on head scripts) 813712 (connect some blockers) and 813715 (throttle bw of high parallelism)
-# DNS bug where multiple A records for a single hostname are not properly handled in the case of failures. {{nbug|641937}}. Recently updated - waiting review
+# HTTP2 prototype of SPDY with DNS SRV for IETF work
-# After a captive portal releases you there might still be a problem due to long term persistent connections - {{nbug|628561}}. I have a patch that will release persistent connections based on shift-reload but it got backed out due to a tp4 regression on win7 only (wtf?).. I'm trying to confirm that this is fixed because of a fix in syn retry
+# OCSP stapling with cache anticipation
-# {{nbug|649139}} first network access on mobile is slow with mark finkle.
+# OCSP GET w/local HTTP stack and cache for persistence (assuming sec ok)
-# telemetry - add to necko:telemetry and probably actually try and capture a single piece of data as a proof of concept using mark's add-on.
+# SPDY push
+# SPDY/4 (dep: spec stable at this point)
+# TLS Cached Info for eliminating cert chain spills (dep: sec-ok, and stable spec)
+# Research on UDP based transports
+# Prioritization scheduling of partial resources to reduce ready-to-use time
+Smaller items (as time allows in no particular order)
+# Telemetry for OCSP {Pass/Fail, Time}
+# Telemetry for OCSP Cache Anticipation
+# Telemetry for TLS Cipher Choice
+# 804605 CNAME/NTLM regression of mine
+# Fixes to priority levels of existing requests (ping, favicon, etc..)
+# Read Handlers For SDPY need to be always engaged
+# SPDY: standardization issues
+# SPDY Test infrastructure
 == [mailto:sworkman@mozilla.com Steve Workman]  ==
-#{{nbug|215450}} uploading files that are larger the 2GB fails
+* Fix two security bugs assigned to me.
-#{{nbug|72444}} Proxy: "bypass proxy server for local addresses" (IE pref)
+* {{nbug|Bug 497003}}: support sending OnDataAvailable() to other threads
-#{{nbug|622232}} DNS prefetches continue after a tab is closed
+* Help implement new disk cache
-#{{nbug|390304}} DNS lookups not bypassed when using auto proxy config URL
-Longer term: [[Necko:Telemetry|Telemetry]]
-== [mailto:mmcpherrin@mozilla.com Matthew McPherrin] ==
-# {{nbug|679852}} integrate leveldb into Gecko
-= Unassigned Priorities =
-* TLS False Start, {{bug|658222}}
-* TLS compression, bug #?
-* HTTP Preconnections
-* concurrent cache reads?
-* DNS pre-fetching
-* HTTP semantics object cache (talk to Joe Drew)

Networking/Archive/IndividualPriorities: Difference between revisions