Confirmed users
69
edits
Networking/Archive/IndividualPriorities: Difference between revisions
Networking/Archive/IndividualPriorities (view source)
Revision as of 15:32, 26 July 2011
, 26 July 2011→Brian Smith
Briansmith (talk | contribs) |
|||
| Line 36: | Line 36: | ||
* Ongoing: Help intern David Keeler on DNSSEC-based TLS (Keelerification). | * Ongoing: Help intern David Keeler on DNSSEC-based TLS (Keelerification). | ||
# {{nbug| | Right Now: | ||
# | # Bug {{nbug|640625}} - PKCS#12 does not iterate hashing - patch needs to be checked in | ||
# {{nbug|664542}} | # Bug {{nbug|593077}} - Remove SSL 2.0 support - almost done, need to tweak patch | ||
# Bug {{nbug|665814}} - [hidden] - Need to update patch based on feedback from Oracle | |||
# bug {{nbug|590364}} - Stop accepting MD5 as a hash algorithm by June 30, 2011 | |||
# bug {{nbug|650355}} - Stop accepting MD5 as a hash algorithm in PSM on June 30, 2011 | |||
# bug {{nbug|674147}} - Remove the SSL thread - preliminary WIP patch in bug. Depends on bugs that have patches. | |||
# Bug {{nbug|511393}} - Use multiple SSL worker threads - looks like we will WONTFIX this in favor of removing the SSL thread. | |||
# Bug {{nbug|668397}} - hidden - patch reviewed and WTC landed the critical part. | |||
# Bug {{nbug|674148}} - De-serialize certificate chain validations (needed only if we choose to fix bug 674147 instead of fixing bug 511393). | |||
# Integrate NSS 3.12.11 into mozilla-central. | |||
I will be on PTO from July 27th through Aug 1st. I will be at Blackhat August 2nd through August 5th. I will be at USENIX August 10th - 12th. | |||
Later: | |||
# {{nbug|664542}} - hidden | |||
# {{nbug|508633}} - Unresponsive OCSP server should not be treated as revocation | |||
# Test PSM using libpkix vs current cert chain building using SSLLabs and/or EFF SSL Observatory data sets. | # Test PSM using libpkix vs current cert chain building using SSLLabs and/or EFF SSL Observatory data sets. | ||
# Bug 660749 - PSM doesn't revalidate certificates of resources from the cache. | # Bug 660749 - PSM doesn't revalidate certificates of resources from the cache. | ||
# Remove support for weak crypto (https://www.wsjsafehouse.com/) | # Remove support for weak crypto (https://www.wsjsafehouse.com/) | ||
| Line 56: | Line 68: | ||
# Finalize NSS release and import into mozilla-central | # Finalize NSS release and import into mozilla-central | ||
# PSM startup time improvements (bug {{nbug|648407}}, bug {{nbug|648435}}, bug {{nbug|648431}}) | # PSM startup time improvements (bug {{nbug|648407}}, bug {{nbug|648435}}, bug {{nbug|648431}}) | ||
# Drive decision on acceptable cert validation staleness (no bug, related to bug {{nbug|643916}}, will try to pass off to Gervase) | # Drive decision on acceptable cert validation staleness (no bug, related to bug {{nbug|643916}}, will try to pass off to Gervase) | ||
# Implement subscription-based blocklisting of certs via update ping (Bug {{nbug|647868}}, bug {{nbug|643982}}) - High risk of slipping | # Implement subscription-based blocklisting of certs via update ping (Bug {{nbug|647868}}, bug {{nbug|643982}}) - High risk of slipping | ||
# Fix bug {{nbug|646156}} - Delete or Distrust doesn't work with multiple selected certs | # Fix bug {{nbug|646156}} - Delete or Distrust doesn't work with multiple selected certs | ||
== [mailto:hbambas@mozilla.com Honza Bambas] == | == [mailto:hbambas@mozilla.com Honza Bambas] == | ||