Security/DNSSEC-TLS
| Feature | Status | ETA | Owner |
| DNSSEC-TLS | External implementation | 2011-09-01 | David Keeler
|
This set of pages documents the TLS domain validation through DNSSEC project. This document is currently a work in progress. There are likely many errors.
Summary
This is the summary.
Team
Who's working on this?
- Feature Manager:
- Lead Developer: David Keeler (irc: keeler)
- Product Manager:
- QA:
- Security:
- Privacy:
Release Requirements
These are the release requirements.
Next Steps & Open Issues
- [ON TRACK] Complete external implementation
- [NEW] Complete in-browser implementation
Related Bugs & Dependencies
Links to the feature tracking bug & other relevant bugs; links to related plans (test plan, product marketing plan, etc.); notes about things that depend on this, etc.
Risks
Risks are discussed in the security considerations section of the detailed design page.
Use Cases
The use case is anyone running an HTTPS server and anyone wishing to connect to that server using Firefox.
Designs
Design specifications are detailed here.
Test Plans
Test plans are here.
Goals
Implement domain validation for TLS connections using DNSSEC in Firefox. That is, in addition to sending a certificate in the TLS handshake, a server would send sufficient DNSSEC records to convince the client of its identity and establish public key material.
Non-Goals
Things we are specifically not doing or building as part of this feature.
Other Stuff
Other stuff.
Legend (remove if you like)
| Healthy: feature is progressing as expected. | |
| Blocked: feature is currently blocked. | |
| At Risk: feature is at risk of missing its targeted release. | |
| ETA | Estimated date for completion of the current feature task. Overall ETA for the feature is the product release date. |
Please remove this line and any non-relevant categories below. Add whatever other categories you feel are appropriate.