MozillaWiki

SecurityEngineering/Newsletter: Difference between revisions

Page Discussion

SecurityEngineering/Newsletter (view source)

Revision as of 23:40, 18 April 2017

7 bytes removed ,  18 April 2017
fixing formatting
(add link to sha1 blog post)
(fixing formatting)
Line 35: Line 35:


===Crypto Engineering===
===Crypto Engineering===
 
* The end of SHA-1 certificates: Following a phased deprecation of SHA-1 in Firefox 51, Firefox 52 explicitly distrusts the use of SHA-1 signatures in certificates used for HTTPS.
==The end of SHA-1 certificates: Following a phased deprecation of SHA-1 in Firefox 51, Firefox 52 explicitly distrusts the use of SHA-1 signatures in certificates used for HTTPS.==
* We’ve begun fuzzing the TLS client and server side of the NSS library, raising our confidence in the network-facing code used by all Firefoxes
==We’ve begun fuzzing the TLS client and server side of the NSS library, raising our confidence in the network-facing code used by all Firefoxes==
* Mozilla now runs the tier 1 continuous integration tests for the NSS library internally, without external reliance on RedHat. We’ve also moved our ARM builds and testing off of local machines and into more stable cloud-hosted hardware.
==Mozilla now runs the tier 1 continuous integration tests for the NSS library internally, without external reliance on RedHat. We’ve also moved our ARM builds and testing off of local machines and into more stable cloud-hosted hardware.==


==Operations Security ==
==Operations Security ==
Ptheriault
canmove, Confirmed users
1,220

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/1168639"