SecurityEngineering/2014/Q1Goals

	THIS PAGE IS A WORKING DRAFT
	The page may be difficult to navigate, and some information on its subject might be incomplete and/or evolving rapidly. If you have any questions or ideas, please add them as a new topic on the discussion page.

This is a heavy-Implement quarter (as opposed to the other strategic actions in our SecurityEngineering/Strategy).

(Also linked from Platform/2014-Q1-Goals#Security_.26_Privacy)

Tracking Protection

• Outcome: Users can import a list of content to block.
• Who: mmc, grobinson
  • (mmc) Extend nsChannelClassifier to block network loads from tracking domains based on a remote list.

Security Feature Compatibility and Performance

• Outcome: improve app loading time on B2G and page load times on desktop
• Who: ckerschb, grobinson, sid
  • (ckerschb) CSP rewrite in C++ (perf for B2G and all platforms)
  • (grobinson) deprecation plan for old parser

Cert Revocation

• Outcome: measure feasibility of pinning mozilla properties
• Who: briansmith, cviecco
  • (cviecco) Land key pinning + pin telemetry
  • (briansmith) Land insanity
  • BONUS: (keeler) land cert error reporting ("report this to Mozilla") + collection infrastructure

Sandboxing

• Outcome: tighter sandbox, removes more access from child process
• Who: kang, bbondy, ckerschb
  • (kang) nail down path to remoting file access (so we can remove OPEN syscall from sandbox)
  • (bbondy) and equivalent file access control for windows.