Security/B2G/2013 11 26

From MozillaWiki
< Security‎ | B2G
Jump to: navigation, search

FirefoxOS Security Team Meeting

1pm PST, B2G Vidyo room Prior notes are here:

Agenda Items

Agile all the things!

  • entrance criteria filter actionable reviews
  • gives better estimate of workload we can take per sprint
  • points to estimate the size of a review (size = difficulty, not hours)
   - small gaia review (1 day): 1 pt
   - basic gecko api review: 3 pts
  • [cr] OpenPGP.js integration meeting now every other week (Mo, 18h CET), notes here: (woot!)
  • [cr] Sec Review Training concept emerging:
  • [cr] Sebastian Regler wanting to do FxOS FDE work for BA (kang started communicating with him on cr's req as well)
  • [arroway] Firefox OS Account: I talked to Jed Parsons (jedp), the core features implementation won't change a lot when it has landed on mozilla-central on Dec 9th (most of the remaining work will be testing and UX)
   - ready to be reviewed
   - gecko patches:
   - gaia:

[kang] secreview stuff for pauljt (feedback always welcome): (draft/in progress) (earlier version sample)
   Sandbox targetted for 1.4 (?) w/ kernel support from partners
   marta: wants a work week for working on various things (incl. supervisor)
   marta: req a deadline for supervisor
  1. FxOSSec standups channel, rogerroger: i did stuff

Web Interface:

Previous Action Items

New Action Items

- post in standups

Goal Status Updates

Other stuff

Security guidelines for partners: Feel free to send suggestions