SecurityEngineering/MeetingNotes/12-05-12

From MozillaWiki
Jump to: navigation, search

Standing Agenda

  • Q4 Goals Recap
  • Review currently active (P1) features against their established milestones, identify any blockers - Security/Roadmap + Privacy/Roadmap
  • Review roadmap priorities to ensure they accurately reflect active projects and Mozilla's priorities
  • Suggest additions or changes to roadmaps
  • Detailed discussion of features or outstanding issues as time permits
  • Additional Items
  • Upcoming events, OOO/travel, etc.

Last week: https://wiki.mozilla.org/SecurityEngineering/MeetingNotes/11-29-12

Q4 Goals

  • [ON TRACK] Land CSP 1.0
  • [ON TRACK] Deliver integrated Payments and ID for B2G
  • [DONE] Host security community event (public brownbag on 11/13)

HSTS Pref

  • for discussion : should we have a pref to disable HSTS ?
  • https://bugzilla.mozilla.org/show_bug.cgi?id=800882
  • a strong argument is made by multiple people for 'no' - users won't understand what they're opting in to and we are concerned that websites etc will publicize it without adequately explaining the consequences

Safari-like cookie blocking

2013 security and privacy UX projects

https://firefox-ux.etherpad.mozilla.org/SPF-2013-Planning

Other

  • firefox eng meeting - 10 am tuesday - Tanvi just next week
  • platform meeting 11 am tuesday - Ian will attend
  • Larissa's brownbag was happening -12 PST 12/13 (Thursday) at 10Fwd: Designing Meaningful Security & Privacy (in a world where no one cares?) YAY!!!
    • but has now been rescheduled