Security/Features/CA Policy Constraints in Code
Status
| CA Policy Constraint Checking in Code | |
| Stage | Draft |
| Status | ` |
| Release target | ` |
| Health | OK |
| Status note | ` |
{{#set:Feature name=CA Policy Constraint Checking in Code
|Feature stage=Draft |Feature status=` |Feature version=` |Feature health=OK |Feature status note=` }}
Team
| Product manager | Sid Stamm |
| Directly Responsible Individual | ` |
| Lead engineer | ` |
| Security lead | ` |
| Privacy lead | ` |
| Localization lead | ` |
| Accessibility lead | ` |
| QA lead | ` |
| UX lead | ` |
| Product marketing lead | ` |
| Operations lead | ` |
| Additional members | Kathleen Wilson |
{{#set:Feature product manager=Sid Stamm
|Feature feature manager=` |Feature lead engineer=` |Feature security lead=` |Feature privacy lead=` |Feature localization lead=` |Feature accessibility lead=` |Feature qa lead=` |Feature ux lead=` |Feature product marketing lead=` |Feature operations lead=` |Feature additional members=Kathleen Wilson }}
Open issues/risks
`
Stage 1: Definition
1. Feature overview
Enforce important policy requirements in code; such as enforcing EKUs down the chain (Bug #725351), and enforcing SHA-1 transitions (Bug #942515).
Note that there are two parts to this: 1) adding checks to NSS and PSM as deemed appropriate, and 2) creating a test suite to track progress towards compliance and determine if/when additional checks should be added to NSS and PSM.
For the test suite, the tests should check for Mozilla CA Policy compliance, BR compliance, and (optionally) EV compliance. As we gather data about how well these policies are being followed, then we can determine which checks should be directly into PSM. We should be able to run the tests separately for a cert chain or website, and over data such as the EFF or CT data. The tests should provide info about the cert chain and policies that are not being followed. Things the tests should check for:
- https://bugzilla.mozilla.org/show_bug.cgi?id=927184
- http://research.microsoft.com/pubs/206278/ndss.pdf
Note that the weak key issue is being tracked in a separate feature page: https://wiki.mozilla.org/Security/Features/Certs_Disallow_Weak_Keys
2. Users & use cases
We can automatically detect and block unsafe configuration of certificates and HTTPS connections that are weak.
3. Dependencies
`
4. Requirements
`
Non-goals
`
Stage 2: Design
5. Functional specification
`
6. User experience design
`
Stage 3: Planning
7. Implementation plan
`
8. Reviews
Security review
`
Privacy review
`
Localization review
`
Accessibility
`
Quality Assurance review
`
Operations review
`
Stage 4: Development
9. Implementation
`
Stage 5: Release
10. Landing criteria
` {{#set:Feature open issues and risks=` |Feature overview=Enforce important policy requirements in code; such as enforcing EKUs down the chain (Bug #725351), and enforcing SHA-1 transitions (Bug #942515).
Note that there are two parts to this: 1) adding checks to NSS and PSM as deemed appropriate, and 2) creating a test suite to track progress towards compliance and determine if/when additional checks should be added to NSS and PSM.
For the test suite, the tests should check for Mozilla CA Policy compliance, BR compliance, and (optionally) EV compliance. As we gather data about how well these policies are being followed, then we can determine which checks should be directly into PSM. We should be able to run the tests separately for a cert chain or website, and over data such as the EFF or CT data. The tests should provide info about the cert chain and policies that are not being followed. Things the tests should check for:
- https://bugzilla.mozilla.org/show_bug.cgi?id=927184
- http://research.microsoft.com/pubs/206278/ndss.pdf
Note that the weak key issue is being tracked in a separate feature page: https://wiki.mozilla.org/Security/Features/Certs_Disallow_Weak_Keys |Feature users and use cases=We can automatically detect and block unsafe configuration of certificates and HTTPS connections that are weak. |Feature dependencies=` |Feature requirements=` |Feature non-goals=` |Feature functional spec=` |Feature ux design=` |Feature implementation plan=` |Feature security review=` |Feature privacy review=` |Feature localization review=` |Feature accessibility review=` |Feature qa review=` |Feature operations review=` |Feature implementation notes=` |Feature landing criteria=` }}
Feature details
| Priority | P2 |
| Rank | 999 |
| Theme / Goal | Product Hardening |
| Roadmap | Security |
| Secondary roadmap | ` |
| Feature list | ` |
| Project | ` |
| Engineering team | Security |
{{#set:Feature priority=P2
|Feature rank=999 |Feature theme=Product Hardening |Feature roadmap=Security |Feature secondary roadmap=` |Feature list=` |Feature project=` |Feature engineering team=Security }}
Team status notes
| status | notes | |
| Products | ` | ` |
| Engineering | ` | ` |
| Security | ` | ` |
| Privacy | ` | ` |
| Localization | ` | ` |
| Accessibility | ` | ` |
| Quality assurance | ` | ` |
| User experience | ` | ` |
| Product marketing | ` | ` |
| Operations | ` | ` |
{{#set:Feature products status=`
|Feature products notes=` |Feature engineering status=` |Feature engineering notes=` |Feature security status=` |Feature security health=` |Feature security notes=` |Feature privacy status=` |Feature privacy notes=` |Feature localization status=` |Feature localization notes=` |Feature accessibility status=` |Feature accessibility notes=` |Feature qa status=` |Feature qa notes=` |Feature ux status=` |Feature ux notes=` |Feature product marketing status=` |Feature product marketing notes=` |Feature operations status=` |Feature operations notes=` }}