Security/Features/OCSP Stapling
Status
| OCSP Stapling | |
| Stage | Landed |
| Status | In progress |
| Release target | Firefox 25 |
| Health | OK |
| Status note | ` |
{{#set:Feature name=OCSP Stapling
|Feature stage=Landed |Feature status=In progress |Feature version=Firefox 25 |Feature health=OK |Feature status note=` }}
Team
| Product manager | Sid Stamm |
| Directly Responsible Individual | David Keeler |
| Lead engineer | David Keeler |
| Security lead | Curtis Koenig |
| Privacy lead | Sid Stamm |
| Localization lead | ` |
| Accessibility lead | ` |
| QA lead | ` |
| UX lead | ` |
| Product marketing lead | ` |
| Operations lead | ` |
| Additional members | ` |
{{#set:Feature product manager=Sid Stamm
|Feature feature manager=David Keeler |Feature lead engineer=David Keeler |Feature security lead=Curtis Koenig |Feature privacy lead=Sid Stamm |Feature localization lead=` |Feature accessibility lead=` |Feature qa lead=` |Feature ux lead=` |Feature product marketing lead=` |Feature operations lead=` |Feature additional members=` }}
Open issues/risks
`
Stage 1: Definition
1. Feature overview
Allow sites to send the OCSP response in the TLS handshake so we can validate the site certificate without pinging an OCSP server too. See bug 360420. Also related bug 436414. bug 700693 is where the PSM changes are happening.
2. Users & use cases
A site wants to use OCSP but not rely on 100% availability of the OCSP responder or a fast enough connection to the CA.
3. Dependencies
`
4. Requirements
`
Non-goals
`
Stage 2: Design
5. Functional specification
`
6. User experience design
`
Stage 3: Planning
7. Implementation plan
`
8. Reviews
Security review
`
Privacy review
`
Localization review
`
Accessibility
`
Quality Assurance review
`
Operations review
`
Stage 4: Development
9. Implementation
`
Stage 5: Release
10. Landing criteria
` {{#set:Feature open issues and risks=` |Feature overview=Allow sites to send the OCSP response in the TLS handshake so we can validate the site certificate without pinging an OCSP server too. See bug 360420. Also related bug 436414. bug 700693 is where the PSM changes are happening. |Feature users and use cases=A site wants to use OCSP but not rely on 100% availability of the OCSP responder or a fast enough connection to the CA. |Feature dependencies=` |Feature requirements=` |Feature non-goals=` |Feature functional spec=` |Feature ux design=` |Feature implementation plan=` |Feature security review=` |Feature privacy review=` |Feature localization review=` |Feature accessibility review=` |Feature qa review=` |Feature operations review=` |Feature implementation notes=` |Feature landing criteria=` }}
Feature details
| Priority | P1 |
| Rank | 999 |
| Theme / Goal | TLS Hardening |
| Roadmap | Security |
| Secondary roadmap | Platform |
| Feature list | Platform |
| Project | ` |
| Engineering team | Security |
{{#set:Feature priority=P1
|Feature rank=999 |Feature theme=TLS Hardening |Feature roadmap=Security |Feature secondary roadmap=Platform |Feature list=Platform |Feature project=` |Feature engineering team=Security }}
Team status notes
| status | notes | |
| Products | ` | ` |
| Engineering | ` | ` |
| Security | ` | ` |
| Privacy | ` | ` |
| Localization | ` | ` |
| Accessibility | ` | ` |
| Quality assurance | ` | ` |
| User experience | ` | ` |
| Product marketing | ` | ` |
| Operations | ` | ` |
{{#set:Feature products status=`
|Feature products notes=` |Feature engineering status=` |Feature engineering notes=` |Feature security status=` |Feature security health=` |Feature security notes=` |Feature privacy status=` |Feature privacy notes=` |Feature localization status=` |Feature localization notes=` |Feature accessibility status=` |Feature accessibility notes=` |Feature qa status=` |Feature qa notes=` |Feature ux status=` |Feature ux notes=` |Feature product marketing status=` |Feature product marketing notes=` |Feature operations status=` |Feature operations notes=` }}