SecurityEngineering/2013: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
Line 30: Line 30:
* Research/Evangelize/Implement: [https://wiki.mozilla.org/CA CA inclusion/maintenance policy v2.1]
* Research/Evangelize/Implement: [https://wiki.mozilla.org/CA CA inclusion/maintenance policy v2.1]
* Research/Implement: [https://addons.mozilla.org/en-US/firefox/addon/password-knight/ Password Knight]
* Research/Implement: [https://addons.mozilla.org/en-US/firefox/addon/password-knight/ Password Knight]
* Research/Implement: [Security/Features/SSL_Error_Reporting Certificate error reporting]
* Research/Implement: [[Security/Features/SSL_Error_Reporting|Certificate error reporting]]

Revision as of 18:32, 19 June 2013

Working towards our team Strategy, this is what we will work towards in 2013.

Make Firefox More Secure

  • Evangelism: Larissa's airmo talk on secure UX design was picked up by chromium
  • Implement: Sandboxing on Linux and E10S (bug 653064)
  • Implement: Click-To-Play plugins for Firefox (bug 738698)
  • Implement/Evangelize: CSP 1.0 for Firefox platform (bug 663566)
  • Implement/Evangelize: Mixed Content Blocker (bug 815321)
  • Implement: Application Reputation (anti-malware) (bug 662819)
  • Implement/Evangelize: Site security error reporting (web console)

Build Security and Privacy into Mobile

Improve User Control Over How Their Information is Shared and Used

  • Implement/Evangelize: Third Party Cookie blocking bug 818430, though evolving, will improve control
  • Research: Collusion project improved transparency and generated buzz
  • Research: DNT statistics made available by the web
  • Research: Contextual identity work. (Blushproof, paper)
  • Consult: Cookie Clearinghouse

Build Security into Web Communications