Security/Features/OCSP Stapling

From MozillaWiki
Jump to: navigation, search
Please use "Edit with form" above to edit this page.

Status

OCSP Stapling
Stage Landed
Status In progress
Release target Firefox 25
Health OK
Status note `

Team

Product manager Sid Stamm
Directly Responsible Individual David Keeler
Lead engineer David Keeler
Security lead Curtis Koenig
Privacy lead Sid Stamm
Localization lead `
Accessibility lead `
QA lead `
UX lead `
Product marketing lead `
Operations lead `
Additional members `

Open issues/risks

`

Stage 1: Definition

1. Feature overview

Allow sites to send the OCSP response in the TLS handshake so we can validate the site certificate without pinging an OCSP server too. See bug 360420. Also related bug 436414. bug 700693 is where the PSM changes are happening.

2. Users & use cases

A site wants to use OCSP but not rely on 100% availability of the OCSP responder or a fast enough connection to the CA.

3. Dependencies

`

4. Requirements

`

Non-goals

`

Stage 2: Design

5. Functional specification

`

6. User experience design

`

Stage 3: Planning

7. Implementation plan

`

8. Reviews

Security review

`

Privacy review

`

Localization review

`

Accessibility

`

Quality Assurance review

`

Operations review

`

Stage 4: Development

9. Implementation

`

Stage 5: Release

10. Landing criteria

`


Feature details

Priority P1
Rank 999
Theme / Goal TLS Hardening
Roadmap Security
Secondary roadmap Platform
Feature list Platform
Project `
Engineering team Security

Team status notes

  status notes
Products ` `
Engineering ` `
Security ` `
Privacy ` `
Localization ` `
Accessibility ` `
Quality assurance ` `
User experience ` `
Product marketing ` `
Operations ` `