MozillaWiki

SecurityEngineering/2015/Q1Goals

< SecurityEngineering
Revision as of 21:21, 6 January 2015 by Sworkman (talk | contribs) (→‎Tracking Protection: Added Tracking Protection Goals)


DRAFT DRAFT DRAFT DRAFT DRAFT

Content Security

  • [NEW] Decide on Security Engineering Proposals for Password Manager: Local Encryption, Autofill, Passwords on HTTP pages (dri=tanvi)
    • (NOTE: This is temporarily vague and should be clearer early in Q1: Blocked on (soon-to-be-made) Firefox Product decisions).
  • [NEW] REVAMP: Finalize LoadInfo patches for JS/C++ gecko channels . (dri=ckerschb)
  • [NEW] REVAMP: Start implementing the LoadInfo shim for addons. (dri=ckerschb)
  • [NEW] CSP: Prototype CSP devtool that provides suggested policy for page. (dri=ckerschb)
  • [NEW] Land SRI with style support. (dri=francois)
  • [NEW] Propose an approach for adding reporting to SRI. (dri=francois)

Tracking Protection

  • [NEW] Get TP UI enabled in Nightly/Aurora to check webcompat, shake out bugs etc. (dri=mmc)
  • [NEW] Review Referrer Policy. (dri=mmc/sid)
  • [NEW] Start experimenting with Containers for Contextual Identity. (dri=mmc)
  • [NEW] Tor bugs. (dri=sid)
  • [NEW] Blog post for meta referrer. (dri=Sid)

Addon Security

TODO

Communications Security

TODO

QE (tracking)

TODO

Retrieved from "https://wiki.allizom.org/index.php?title=SecurityEngineering/2015/Q1Goals&oldid=1045248"