SecurityEngineering/MeetingNotes/05-09-13

From MozillaWiki
Jump to: navigation, search

Standing Agenda

  • Q2 Goals Recap ( https://intranet.mozilla.org/2013Q2Goals#Security_Engineering )
  • Review roadmap priorities to ensure they accurately reflect active projects and Mozilla's priorities
  • Suggest additions or changes to roadmaps
  • Detailed discussion of features or outstanding issues as time permits
  • Additional Items
  • Upcoming events, OOO/travel, etc.

Last week: https://wiki.mozilla.org/SecurityEngineering/MeetingNotes/05-09-13

Q2 Goals

  • [ON TRACK] land the application reputation scanning tool bug 662819 (mmc)
  • [ON TRACK] Turn Mixed Content Blocking on in Aurora (tanvi)
  • [ON TRACK] land classic cert validation replacement, off by default (bsmith)
 builds on all platforms, but some issues with revocation.
  • [ON TRACK] land OCSP stapling support and tests (keeler)
  • [ON TRACK] Revamp the MDN documentation of CSP and Mixed Content Blocker (imelven + tanvi)
 * At risk if 1.0 doesn't land - waiting on review. 
 * For Mixed Content, add a "How to fix your website" component with Brian's list of rewrite rules. Reference reporting of blocked mixed content in the Web Console.
  * https://bugzilla.mozilla.org/show_bug.cgi?id=839238
  • [AWESOME ON TRACK] Develop & socialize plan (document containing steps, timeline, implementation & test plan) for getting sandboxing onto a desktop Firefox, probably Linux (imelven)
  • [ON TRACK] Deploy pilot cookie study and publish results. (ddahl)

Agenda

  • Q2 Goals - recap

Q2 Goals

Apparel Suggestions

INTERNS

  • Mohammad (?) starts on Monday
  • Ivan starting the following week

w2sp

  • May 24th in SF