Networking/Archive/IndividualPriorities: Difference between revisions

Networking/Archive/IndividualPriorities (view source)

Revision as of 16:39, 22 November 2011

922 bytes removed , 22 November 2011

→‎Brian Smith

Briansmith

Confirmed users

69

edits

@@ Line 48: / Line 48: @@
 == [mailto:bsmith@mozilla.com Brian Smith] ==
-* Ongoing: Help intern David Keeler on DNSSEC-based TLS (Keelerification).
+Availability from 2011-11-28 through 2012-1-1:
+* Unavailable December 6-12.
+* Likely working from outside the office all of December.
+* I would like to be PTO December 25-31. However, I can cancel this if needed.
 Right Now:
-# Bug {{nbug|650858}} and bug {{nbug|619198}} - Instantiating nsICertOverrideService at startup throws NS_ERROR_XPC_GS_RETURNED_FAILURE and makes Firefox unusable / nsStrictTransportSecurityService can be created off main thread and uses non-threadsafe nsPermissionManager
+# {{bug|674147}} - Remove the SSL thread - preliminary WIP patch in bug. Depends on bugs that have patches. - Waiting on review from Honza
-# Bug {{nbug|624514}} - PSM accesses pref service off the main thread - have patch, need to test.
+# {{bug|674148}} - De-serialize certificate chain validations. The patch for {{bug|674147}} does this.
-# Bug {{nbug|640625}} - PKCS#12 does not iterate hashing - patch needs to be checked in
-# Bug {{nbug|593077}} - Remove SSL 2.0 support  - almost done, need to tweak patch
+Week of 2011-11-27 to 2011-12-03:
-# Bug {{nbug|665814}} - [hidden] - Need to update patch based on feedback from Oracle
+# Import NSS 3.13.2 pre-release into mozilla-central
-# bug {{nbug|590364}} - Stop accepting MD5 as a hash algorithm by June 30, 2011
+# Land SSL thread removal patches
-# bug {{nbug|650355}} - Stop accepting MD5 as a hash algorithm in PSM on June 30, 2011
+# Help Steve Workman with {{bug|354493}} if needed.
-# bug {{nbug|674147}} - Remove the SSL thread - preliminary WIP patch in bug. Depends on bugs that have patches.
+# {{bug|660749}} - PSM doesn't revalidate certificates of resources from the cache.
-# Bug {{nbug|511393}} - Use multiple SSL worker threads - looks like we will WONTFIX this in favor of removing the SSL thread.
-# Bug {{nbug|668397}} - hidden - patch reviewed and WTC landed the critical part.
-# Bug {{nbug|674148}} - De-serialize certificate chain validations (needed only if we choose to fix bug 674147 instead of fixing bug 511393).
-# Integrate NSS 3.12.11 into mozilla-central.
-I will be on PTO from July 27th through Aug 1st. I will be at Blackhat August 2nd through August 5th. I will be at USENIX August 10th - 12th.
+Week of 2011-12-04 to 2011-12-10:
+# Travel to Beijing
+# {{bug|640625}} - PKCS#12 does not iterate hashing - patch needs to be checked in
+# {{bug|682244}} and {{bug|676829}}
+# {{bug|590364}} and {{bug|650355}} - Stop accepting MD5 as a hash algorithm
 Later:
+# Import NSS 3.13.2 final release into mozilla-central
+# Bug {{nbug|624514}} - PSM accesses pref service off the main thread - have patch, need to test.
 # {{nbug|664542}} - hidden
 # {{nbug|508633}} - Unresponsive OCSP server should not be treated as revocation
 # Test PSM using libpkix vs current cert chain building using SSLLabs and/or EFF SSL Observatory data sets.
-# Bug 660749 - PSM doesn't revalidate certificates of resources from the cache.
-# Remove support for weak crypto (https://www.wsjsafehouse.com/)
 # Fix bug {{nbug|650307}} - Certificate chain is verified twice for EV certificates
 # Fix bug {{nbug|481656}} - Change cert viewer to validate/build cert chains the same way they are used for trust decisions
 # Fix bug {{nbug|650296}} - PSM may report a different certificate error than what was originally encountered
-# Drive certificate exclusion standard (DANE, or a lightweight DANE-like mechanism) forward
 # Any libpkix fixes identified during libpkix testing.
-# Fix bug {{nbug|651246}} - Make libpkix-based certificate path building/validation the default in PSM (bigger project than I initially expected; see growing list of blocking bugs. Will require lots of testing.)
+# Fix bug {{nbug|651246}} - Make libpkix-based certificate path building/validation the default in PSM.
 # Review rrelyea's patches for bug {{nbug|470994}} (and related bugs) - Complete active distrust in NSS
 # TLS compression (Google already wrote patches, but they may require some cleanup and we need to enable the feature in PSM.)
 # Patches to NSS needed to support NSS/PSM startup time improvements (bug {{nbug|648407}}, bug {{nbug|648435}}, bug {{nbug|648431}})
-# Review bug {{nbug|360420}} - Implement OCSP Stapling, and follow-ups to enable the feature in PSM
-# Finalize NSS release and import into mozilla-central
 # PSM startup time improvements (bug {{nbug|648407}}, bug {{nbug|648435}}, bug {{nbug|648431}})
 # Drive decision on acceptable cert validation staleness (no bug, related to bug {{nbug|643916}}, will try to pass off to Gervase)
-# Implement subscription-based blocklisting of certs via update ping (Bug {{nbug|647868}}, bug {{nbug|643982}}) - High risk of slipping
+# Implement subscription-based blocklisting of certs via update ping (Bug {{nbug|647868}}, bug {{nbug|643982}}) - Needs libpkix
-# Fix bug {{nbug|646156}} - Delete or Distrust doesn't work with multiple selected certs
+# Remove support for weak crypto (https://www.wsjsafehouse.com/)
+# OCSP stapling
 == [mailto:hbambas@mozilla.com Honza Bambas] ==

Networking/Archive/IndividualPriorities: Difference between revisions

Networking/Archive/IndividualPriorities (view source)

Revision as of 16:39, 22 November 2011

Navigation menu

Search