Security/CryptoEngineering

From MozillaWiki
Jump to: navigation, search

Last Updated: 7 Sept 2017

Mission: Use modern cryptography to improve the security and privacy of Firefox

Protect Firefox users on the Internet through up-to-date cryptographic protocols

  • Maintain the cryptography and transport security library that powers Firefox, NSS
  • Enforce the technical policies of the Mozilla CA Certificate Program
  • Lead the adoption of cryptographic technologies to improve security throughout Firefox

Crypto Engineering Projects

Our team's major projects are broken down by module:

NSS

NSS is the cryptography and transport security library that powers Firefox.


PSM

PSM performs the business logic of deciding whether a given secure network connection is actually trustworthy. It applies logic from the user's choices, the Mozilla Root Program, and the platform in order to make a trust determination. E.g., whether to show a connection as secure.

Web Authentication

Password authentication is known to be a security liability on the Web. The W3C Web Authentication Working Group is developing a specification for using Scoped Credentials to supplement or replace passwords. Mozilla intends to continue supporting the Web Authentication (WebAuthn) specification.

Useful testing sites

Web Authentication:

U2F (behind a pref, experimental, not released):