Platform/2014-Q3-Goals: Difference between revisions
< Platform
Jump to navigation
Jump to search
| Line 40: | Line 40: | ||
=== Security & Privacy === | === Security & Privacy === | ||
''6/30/2014 draft, not yet frozen'' | |||
==== Content Security ==== | |||
* {{new|Gecko Security Hooks: Finish code and debugging for New Channel API, start getting reviews}} (dri=tanvi) | |||
* {{new|Gecko Security Hooks: Create plan for addon compatibility}} (dri=tanvi) | |||
* {{new|CSP: Remove old JS implementation from mozilla-central}} (dri=sstamm) | |||
* {{new|Referer: Finish implementation of <meta> referrer control with volunteer help}} (dri=sstamm) | |||
* {{new|Evangelism: Security Open Mic presentation + blog post about new CSP implementation, maybe again as brown bag.}} (dri=sstamm) | |||
* {{new|''[stretch goal]'' CSP: Fix majority of CSP 1.1 compatibility bugs}} (dri=ckerschb) | |||
==== Tracking Protection ==== | |||
* {{new|Land first implementation of protection in Fx 33/34 off by default.}} (dri=mmc) | |||
==== Communications Security ==== | |||
* {{prev|SSL Error Reporting}} finish first implementation of ssl error reporting feature. (dri=grobinson) | |||
* {{new|Land enforcment of at least 2 more Baseline Requirements in PSM}} (dri=keeler) | |||
* {{new|Create roadmap for Cert Revocation improvements}} (dri=rbarnes) | |||
* {{new|hpkp - implement pinning http header}} (dri=cviecco) | |||
* {{new|''[stretch goal]'' Get CA Program data into one database}} (dri=kathleen) | |||
=== Firefox and Platform Security === | === Firefox and Platform Security === | ||
Revision as of 23:31, 1 July 2014
Platform
2014 General Goals
GFX
Layout
Media
DOM
- [ON TRACK] Mirror prototype of DOM objects through xray wrappers (peterv)
- [ON TRACK] Remove nsDOMClassInfo.cpp
WebAPI
JS
Accessibility
- Taking shape: Accessibility/Planning/Goals
Perf
Networking
Mobile
A*Team
Web Engineering
SUMO and Input
Release Engineering
Release Engineering Operations
Developer Services
Security & Privacy
6/30/2014 draft, not yet frozen
Content Security
- [NEW] Gecko Security Hooks: Finish code and debugging for New Channel API, start getting reviews (dri=tanvi)
- [NEW] Gecko Security Hooks: Create plan for addon compatibility (dri=tanvi)
- [NEW] CSP: Remove old JS implementation from mozilla-central (dri=sstamm)
- [NEW] Referer: Finish implementation of <meta> referrer control with volunteer help (dri=sstamm)
- [NEW] Evangelism: Security Open Mic presentation + blog post about new CSP implementation, maybe again as brown bag. (dri=sstamm)
- [NEW] [stretch goal] CSP: Fix majority of CSP 1.1 compatibility bugs (dri=ckerschb)
Tracking Protection
- [NEW] Land first implementation of protection in Fx 33/34 off by default. (dri=mmc)
Communications Security
- [CARRY OVER] SSL Error Reporting finish first implementation of ssl error reporting feature. (dri=grobinson)
- [NEW] Land enforcment of at least 2 more Baseline Requirements in PSM (dri=keeler)
- [NEW] Create roadmap for Cert Revocation improvements (dri=rbarnes)
- [NEW] hpkp - implement pinning http header (dri=cviecco)
- [NEW] [stretch goal] Get CA Program data into one database (dri=kathleen)
Firefox and Platform Security
- Marifuzz fuzzer ported to and running on Flame devices.
- Update ASAN and LSAN work for DOMFuzzer
- Update "Bounty Stars" document with issues found by external reporters and updating DOMFuzzer to reflect these results.
- Create official OS X ASAN builds in concert with RelEng.
- Initial work to move CoreFuzz towards running in cloud environments.
- WebCrypto API fuzzing using Dharma fuzzer.
- Port a portion of WebRTC fuzzing from Frambois fuzzer to Dharma fuzzer.
- Peach: Improving and porting Peach 2 to Python 3.
- Public Mozilla Security Github work: Moving of fuzzing tools from Fuzzing Hg to Github, including work to separate harnesses from data generation tools.