Privacy/Features/Handshake checkpoint API

From MozillaWiki
Jump to: navigation, search
Please use "Edit with form" above to edit this page.


Create API for add-ons and components that provides check-point between TLS/SSL handshake and HTTP request
Stage On hold
Status In progress
Release target `
Health OK
Status note `


Product manager Sid Stamm
Directly Responsible Individual Peter Eckersley
Lead engineer Honza Bombas
Security lead `
Privacy lead Sid Stamm
Localization lead `
Accessibility lead `
QA lead `
UX lead `
Product marketing lead `
Operations lead `
Additional members Brian Smith

Open issues/risks


Stage 1: Definition

1. Feature overview

Create API for add-ons and components that provides check-point between TLS/SSL handshake and HTTP request, allowing add-ons greater scrutiny of secure connections before they are used. This feature also would expose the controls to add-ons so they can implement an alternate certificate-validation path that's not dependent on our existing PKI and root certificate program.

2. Users & use cases

Convergence: Moxie would really like an API like this for simplifying the Convergence ( add-on implementation. He had to "jump through some pretty prolific hoops in order to replace the browser's default certificate validation with my own."

3. Dependencies

  • bug 644640: Implement extension point for extensions to influence trust decisions in PSM

4. Requirements



  • This will not replace our existing PKI/CA program
  • This is not affecting stuff outside the TLS layer of HTTPS connections.
  • This is not adding additional UI over the DV/EV SSL indicators.

Stage 2: Design

5. Functional specification


6. User experience design


Stage 3: Planning

7. Implementation plan


8. Reviews

Security review


Privacy review


Localization review




Quality Assurance review


Operations review


Stage 4: Development

9. Implementation


Stage 5: Release

10. Landing criteria


Feature details

Priority P3
Rank 999
Theme / Goal Product Hardening
Roadmap Security
Secondary roadmap `
Feature list Platform
Project `
Engineering team Networking

Team status notes

  status notes
Products ` `
Engineering ` `
Security ` `
Privacy ` `
Localization ` `
Accessibility ` `
Quality assurance ` `
User experience ` `
Product marketing ` `
Operations ` `