Agenda

• Q2 Goals - recap
• DNT update
• Security Assurance Work Week
• QA
• Please add SF room to this meeting time
• Blackhat + DEFCON
• Meadhbh (Maeve) + interns

Q2 Goals

• https://intranet.mozilla.org/2013Q2Goals#Security_Engineering

DNT Update (Sid)

• F2F meeting next week in Sunnyvale

Security Assurance Work Week

• next week in SF
• joint session Tuesday 11 am
  • Things to present:
    • insanity::pkix (cviecco)
    • revocation checking proposal (bsmith)
    • sandboxing (bsmith/imelven)
    • Using CSP etc internally -- dogfooding our features (imelven)
  • things to learn
    • What's the plan with dogfooding features, roadmap and goals for 2013-2014
    • What's the strategy for making firefox a secure product -- overall high-level
• ping mcoates to share their schedule Google doc if interested
• dinner Thursday night

QA

Needs more info on upcoming features, specs, data, anything: - Application Reputation scanning: bug 662819 - Classic cert validation replacement - OCSP stapling support: bug 700693 - Necko - Blushproof: http://github.com/mozilla/blushproof (this is an addon) - others?

Blackhat + DEFCON

• Al Billings is organizing/coordinating
• https://intranet.mozilla.org/ConferencesSchedule/Blackhat2013
• grobinson, bsmith potentially

Meadhbh + interns

• Meadhbh is starting Monday, going to work on stuff with cviecco and bsmith and keeler initially
• intern - Mohammed starts on Monday the 13th, cviecco thinks he will look at CRLsets and CRLs
• intern - Ivan is starting on Monday the 20th - possibly devtools-y goodness
• Christoph is starting September 2nd, might be out here to onramp