canmove, Confirmed users
4,854
edits
Security/Security Bugs/EncryptedBugmail: Difference between revisions
Security/Security Bugs/EncryptedBugmail (view source)
Revision as of 22:03, 12 March 2012
, 12 March 2012→1. Why are we making this change?
| Line 8: | Line 8: | ||
=== 1. Why are we making this change? === | === 1. Why are we making this change? === | ||
There has been concern for some time that email containing security problems that can affect hundreds of millions of people are being sent to developers and other interested parties as clear text. This means that there is a risk of interception as the email is sent across the Internet or if mail is stored offline on a local machine with the mail client. By switching to encrypted email for security bugs, we lessen the risk of accidental exposure of security issues. | |||
This change does make it more difficult to read bug mail for security issues in web hosted mail services but there is always the option of not setting up secure mail for an account and simply going to Bugzilla to view changes in security bugs. | |||
This change was piloted by the former Infrasec team at Mozilla, which focused on security issues in Web sites and infrastructure, and it was found to work well. | |||
=== 2. How can I upload a Public Key? === | === 2. How can I upload a Public Key? === | ||