Security/Meetings/2011-10-06: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
| Line 1: | Line 1: | ||
== Updates on Major Projects == | == Updates on Major Projects == | ||
* AppStore | * Apps/AppStore - In a good place for security. Lots more devel work to come | ||
* BrowserID | * BrowserID - Changes coming. More security development in the works | ||
* Pancake | * Pancake - Still under development. Security providing guidance on server and client | ||
== Convergence Notaries == | == Convergence Notaries == | ||
* Should Mozilla host one? | * Should Mozilla host one? | ||
| Line 11: | Line 10: | ||
* Related Info | * Related Info | ||
** Feature required for proper Convergence support: https://bugzilla.mozilla.org/show_bug.cgi?id=644640 | ** Feature required for proper Convergence support: https://bugzilla.mozilla.org/show_bug.cgi?id=644640 | ||
* Mini Summit - Need meeting with Moxie, Kaminsky, Eff? - [bsterne sent mail to bsmith about setting up meeting] | |||
* Telemetry to gather results? | |||
* In SF | |||
* Enable experimentation in this space | |||
== CSRF Defense Idea == | == CSRF Defense Idea == | ||
* Discussion / feedback on Mark's [http://people.mozilla.org/~mgoodwin/OriginOnly/ CSRF defense idea] | * Discussion / feedback on Mark's [http://people.mozilla.org/~mgoodwin/OriginOnly/ CSRF defense idea] | ||
* http://people.mozilla.org/~mgoodwin/OriginOnly/ | |||
* Good feedback | |||
* Talk with Adam Barth | |||
* Action Item - Mark to setup next meeting with Sid, Brandon, Dan, Michael | |||
== Feedback on CSP == | |||
* Ability to disable HTML5 capabilities? | |||
* https://bugzilla.mozilla.org/show_bug.cgi?id=666056 | |||
* https://bugzilla.mozilla.org/show_bug.cgi?id=667329 | |||
== WebSockets - testing tools == | |||
== Team Lunches == | == Team Lunches == | ||
* Every other [Tuesday | Thursday] in Mountain View? | * Every other [Tuesday | Thursday] in Mountain View? | ||
Latest revision as of 18:54, 6 October 2011
Updates on Major Projects
- Apps/AppStore - In a good place for security. Lots more devel work to come
- BrowserID - Changes coming. More security development in the works
- Pancake - Still under development. Security providing guidance on server and client
Convergence Notaries
- Should Mozilla host one?
- Background information
- Related Info
- Feature required for proper Convergence support: https://bugzilla.mozilla.org/show_bug.cgi?id=644640
- Mini Summit - Need meeting with Moxie, Kaminsky, Eff? - [bsterne sent mail to bsmith about setting up meeting]
- Telemetry to gather results?
- In SF
- Enable experimentation in this space
CSRF Defense Idea
- Discussion / feedback on Mark's CSRF defense idea
- http://people.mozilla.org/~mgoodwin/OriginOnly/
- Good feedback
- Talk with Adam Barth
- Action Item - Mark to setup next meeting with Sid, Brandon, Dan, Michael
Feedback on CSP
- Ability to disable HTML5 capabilities?
- https://bugzilla.mozilla.org/show_bug.cgi?id=666056
- https://bugzilla.mozilla.org/show_bug.cgi?id=667329
WebSockets - testing tools
Team Lunches
- Every other [Tuesday | Thursday] in Mountain View?