Security/Features/OCSP Stapling
From MozillaWiki
Please use "Edit with form" above to edit this page.
Status
| OCSP Stapling | |
| Stage | Landed |
| Status | In progress |
| Release target | Firefox 25 |
| Health | OK |
| Status note | ` |
Team
| Product manager | Sid Stamm |
| Directly Responsible Individual | David Keeler |
| Lead engineer | David Keeler |
| Security lead | Curtis Koenig |
| Privacy lead | Sid Stamm |
| Localization lead | ` |
| Accessibility lead | ` |
| QA lead | ` |
| UX lead | ` |
| Product marketing lead | ` |
| Operations lead | ` |
| Additional members | ` |
Open issues/risks
`
Stage 1: Definition
1. Feature overview
Allow sites to send the OCSP response in the TLS handshake so we can validate the site certificate without pinging an OCSP server too. See bug 360420. Also related bug 436414. bug 700693 is where the PSM changes are happening.
2. Users & use cases
A site wants to use OCSP but not rely on 100% availability of the OCSP responder or a fast enough connection to the CA.
3. Dependencies
`
4. Requirements
`
Non-goals
`
Stage 2: Design
5. Functional specification
`
6. User experience design
`
Stage 3: Planning
7. Implementation plan
`
8. Reviews
Security review
`
Privacy review
`
Localization review
`
Accessibility
`
Quality Assurance review
`
Operations review
`
Stage 4: Development
9. Implementation
`
Stage 5: Release
10. Landing criteria
`
Feature details
| Priority | P1 |
| Rank | 999 |
| Theme / Goal | TLS Hardening |
| Roadmap | Security |
| Secondary roadmap | Platform |
| Feature list | Platform |
| Project | ` |
| Engineering team | Security |
Team status notes
| status | notes | |
| Products | ` | ` |
| Engineering | ` | ` |
| Security | ` | ` |
| Privacy | ` | ` |
| Localization | ` | ` |
| Accessibility | ` | ` |
| Quality assurance | ` | ` |
| User experience | ` | ` |
| Product marketing | ` | ` |
| Operations | ` | ` |
