Security Review Pre-Work

Please fill our the short section below prior to the review, and make sure you contact security@mozilla.org to schedule your actual review.

Overview

Describe the goals and objectives of the feature here. What needs or problems does it address?

Background links

what we have is in https://bugzilla.mozilla.org/show_bug.cgi?id=625217

• feature-tracking bug links
• public specifications (RFC's, W3C specs, IETF Drafts, etc)
• design docs or internal specifications
• data flow or entity relation diagrams
• links to other implementations of the feature

Threats

Please list the top 3 security threats you have considered during the design and implementation of this feature. Consider attack points as well as code that feels fragile.

• Threat 1
• Threat 2
• Threat 3

What mitigations have you implemented?

Topics To Discuss During The Review

Please be prepared to discuss the topics listed at ReviewTopics as they relate to your feature / project. Optionally, you may copy the most relevant questions here and answer them before the review, which could speed up the review meeting.

Review comments

Notes and bug numbers will be recorded here. Let's try not to spend too much time on any one topic during the meeting.