Confirm
529
edits
Changes
→Projects
* Mentors: [https://mozillians.org/en-US/u/mgoodwin/ Mark Goodwin], [https://mozillians.org/en-US/u/psiinon/ Simon Bennetts]
=== NSS : Demos ===
* Mentors: [https://mozillians.org/en-US/u/franziskus/ Franziskus Kiefer], [https://mozillians.org/en-US/u/ttaubert/ Tim Taubert], [https://mozillians.org/en-US/u/jcjones/ JC Jones]
In this project a suite of NSS demos should be compiled (ideally web executable using something like [https://runnable.io Runnable]) as reference for developers that want to use the library.
=== The NSS TLS : Server integration ===
* Mentors:[https://mozillians.org/en-US/u/franziskus/ Franziskus Kiefer], [https://mozillians.org/en-US/u/ttaubert/ Tim Taubert], [https://mozillians.org/en-US/u/jcjones/ JC Jones]
This project should identify those problems, fix them, and provide integration for all major HTTP server.
=== NSS: SHA-3 Implementation in NSS ===
* Mentors: [https://mozillians.org/en-US/u/franziskus/ Franziskus Kiefer], [https://mozillians.org/en-US/u/ttaubert/ Tim Taubert], [https://mozillians.org/en-US/u/jcjones/ JC Jones]
This project should provide basic SHA-3 support for [https://nss-crypto.org/ NSS].
=== NSS: Formal Verification of NSS ===
* Mentors: [https://mozillians.org/en-US/u/ttaubert/ Tim Taubert], [https://mozillians.org/en-US/u/franziskus/ Franziskus Kiefer], [https://mozillians.org/en-US/u/jcjones/ JC Jones]
This project should formally verify implementations (or parts of) of e.g. ciphers, the TLS protocol, libmpi, libec in the [https://nss-crypto.org/ NSS] library.
=== NSS : TLS Interop ===
* Mentors: [https://mozillians.org/en-US/u/ttaubert/ Tim Taubert], [https://mozillians.org/en-US/u/jcjones/ JC Jones], [https://mozillians.org/en-US/u/franziskus/ Franziskus Kiefer]
This project would work on improving the scalability and feature set of ssh_scan, a tool for scanning for ssh policy and compliance (mainly attributes found here https://github.com/claudijd/ssh_scan/blob/master/examples/192.168.1.1.json). This tool is currently open-sourced as more of a prototype tool here (https://github.com/claudijd/ssh_scan). Current feature gaps include the ability to detect the types of authentication (password/key-based/auth), nmap-style targeting and scanning, and IPv6 support. Lastly, it might be useful to have some server-side infrastructure components/API developed for this service with a cool front end to assist with scanning/compliance automation. These are the sorts of things this project team would attempt to solve and deliver during the project window.
=== OpenSAMM: Security Testing Workflow and Toolchain for Python Websites and Services ===
* Mentors: [https://mozillians.org/en-US/u/amuntner/ Adam Muntner]
