Last Updated: 7 Sept 2017
Mission: Use modern cryptography to improve the security and privacy of Firefox
Protect Firefox users on the Internet through up-to-date cryptographic protocols
- Maintain the cryptography and transport security library that powers Firefox, NSS
- Enforce the technical policies of the Mozilla CA Certificate Program
- Lead the adoption of cryptographic technologies to improve security throughout Firefox
Crypto Engineering Projects
Our team's major projects are broken down by module:
NSS is the cryptography and transport security library that powers Firefox.
PSM performs the business logic of deciding whether a given secure network connection is actually trustworthy. It applies logic from the user's choices, the Mozilla Root Program, and the platform in order to make a trust determination. E.g., whether to show a connection as secure.
Password authentication is known to be a security liability on the Web. The W3C Web Authentication Working Group is developing a specification for using Scoped Credentials to supplement or replace passwords. Mozilla intends to continue supporting the Web Authentication (WebAuthn) specification.
Useful testing sites
U2F (behind a pref, experimental, not released):