Changes

Jump to: navigation, search

SecurityEngineering

954 bytes removed, 23:45, 18 April 2017
Remove duplicate list of projects
==Who is involved==
Security Engineering is led by Wennie Leung. Work is divided between these main teams:
* Privacy and Security Engineering: website & browser security features([[Security/Contextual_Identity_Project/Containers|Containers]], [[CloudServices/Password_Manager|Password Manager]], etc.), DOM security ([[Security/CSP|CSP]], [[Security/Subresource_Integrity|SRI]], Cookies, [[Security/Features/Mixed_Content_Blocker|Mixed Content Blocking]], origin , etc), Content Blocking (safe browsing[[Security/Safe Browsing|Safe Browsing]], download protection[[Security/Application_Reputation|Download Protection]] and [[Security/Tracking_protection|Tracking Protection]]) , [[Security/Features/Revamp_Security_Hooks|revamp of security hooks]], [[Security/Tor_Uplift/Tracking|Tor Uplift]] and sandboxing[[Security/Sandbox/Hardening|Sandbox Hardening]].* [[Security/CryptoEngineering|Communications security]] (Lead:[https://mozillians.org/en-US/u/jcjones/ JC Jones]): TLS stack, communications security, WebCrypto, [[PSM:Topics|PSM]], [[NSS]], [[SecurityEngineering/TLS_Error_Reports|Error Reporting]] and OneCRL
* Defensive Security Engineering (Lead: Tom Ritter): implementing changes to Firefox that improve our security posture.
* [[CA:Overview|Mozilla's CA Certificate Program]] (Program Manager: [https://mozillians.org/en-US/u/kwilson/ Kathleen Wilson])
For details of our projects in these four areas, see the [[Security/Roadmap|security roadmap]].
 
==Current Efforts==
 
'''Content Security'''
{|class="wikitable"
! Topic
! Engineering Contact
! QA Contact
|-
| [[Security/Application_Reputation|Application Reputation]]
| [[User:Fmarier|Francois Marier]]
|
|-
|-
| [[Security/Contextual_Identity_Project/Containers|Containers]]
| Tanvi Vyas
| Kamil Jozwiak
|-
| [[Security/CSP|Content Security Policy]]
| Christoph Kerschbaumer
|
|-
| Meta Referrer
|
|
|-
| [[Security/Features/Mixed_Content_Blocker|Mixed Content Blocking]]
| Tanvi Vyas
|
|-
| [[CloudServices/Password_Manager|Password Manager]]
| Tanvi Vyas
| Kamil Jozwiak / SoftVision
|-
| [[Security/Features/Revamp_Security_Hooks|Revamp of Security Hooks]]
| Christoph Kerschbaumer
|
|-
| [[Security/Safe Browsing|Safe Browsing]]
| [[User:Fmarier|Francois Marier]] / Ethan Tseng
| Cynthia Tang
|-
| [[Security/Subresource_Integrity|Sub-resource Integrity]]
| [[User:Fmarier|Francois Marier]]
|
|-
| [[Security/Tor_Uplift/Tracking|Tor Uplift]]
| Ethan Tseng / Tom Ritter
| Cynthia Tang / Kamil Jozwiak
|-
| [[Security/Tracking_protection|Tracking Protection]]
| [[User:Fmarier|Francois Marier]]
|
|-
| [[Security/Sandbox/Hardening|Sandbox Hardening]]
| [[User:Ptheriault|Paul Theriault]]
|
|}
 
 
'''Communications Security'''
 
{|class="wikitable"
! Topic
! Engineering Contact
! QA Contact
|-
| Add-on signing
| Daniel Veditz
|
|-
| [[CA:Overview|CA Program]]
| Kathleen Wilson
|
|-
| [[Security/TLS_Error_Reporting|Error Reporting]]
| Mark Goodwin
| Matt Wobensmith
|-
| [[Security/OneCRL|OneCRL]]
| Mark Goodwin
| Matt Wobensmith
|}
==How to participate==
Confirm
904
edits

Navigation menu