User:Curtisk
From MozillaWiki
Feature | Priority | Target Release | Security lead | Security notes | Roadmap |
Iframe Sandbox | P1 | Firefox 17 | Curtis Koenig | ` | Security |
Application Reputation | P1 | ` | ` | ` | Security |
Sandboxing of content processes | P1 | ` | Guillaume Destuynder | ` | Security |
HSTS Preload List | P1 | Firefox 17 | ` | ` | Security |
Opt-in activation for plugins | P1 | Firefox 16 | David Chan (dchan) | assigned to dchan | Security |
CA Pinning | P1 | ` | Curtis Koenig | ` | Security |
B2G App Security and Privacy Model | P1 | B2G 1.0 | Paul Theriault | bug 744915 | Security |
Mixed Content Blocker | P1 | Firefox 23 | Dan Veditz | ` | Security |
SSL Error Reporting | P1 | ` | ` | ` | Security |
OCSP Stapling | P1 | Firefox 25 | Curtis Koenig | ` | Security |
Revamp Security Hooks | P1 | ` | Tanvi Vyas | ` | Security |
HTTPS (SSL) Google Search | P1 | Firefox 14 | Curtis Koenig | ` | Security |
Click-to-Play Part II | P1 | Firefox 17 | David Chan (dchan) | ` | Security |
Disallow Weak RSA Keys | P2 | ` | ` | ` | Security |
TLS Telemetry | P2 | Firefox 26 | David Chan | ` | Security |
Cert Blocklist via Update Ping | P2 | ` | Curtis Koenig | ` | Security |
Browser CRL | P2 | ` | Curtis Koenig | ` | Security |
Web Cryptography API | P2 | ` | ` | ` | Security |
Sign into the browser | P2 | ` | ` | bug 744948 | Mozilla Identity |
Intranet CSRF Blocker | P2 | ` | ` | ` | Security |
OCSP Must-Staple | P2 | ` | ` | ` | Security |
Highlight Cleartext Passwords | P2 | ` | ` | ` | Security |
CA Policy Constraint Checking in Code | P2 | ` | ` | ` | Security |
CSP 1.0 Support | P2 | Firefox 25 | ` | ` | Security |
Stub Installer and UI update | P2 | ` | ` | ` | Firefox Desktop |
TLS 1.2 support | P2 | Firefox 28 | Sid Stamm | ` | Security |
Apply CSP to Chrome Pages | P3 | ` | ` | ` | Security |
Active Distrust of CAs | P3 | ` | Curtis Koenig | ` | Security |
CSP Sandbox | P3 | ` | Daniel Veditz | ` | Security |
Add Security Features to Developer Tools | P3 | ` | ` | ` | Security |
Low-rights Firefox (whole process sandbox) | P3 | ` | ` | ` | Security |
allow-popups (part of iframe sandbox) | P3 | Firefox 27 | Sid Stamm | ` | Security |
Subresource Integrity | P3 | ` | ` | ` | Security |
XSS Filter | P3 | ` | Curtis Koenig | Needs a 2nd review meeting | Security |
Create API for add-ons and components that provides check-point between TLS/SSL handshake and HTTP request | P3 | ` | ` | ` | Security |
Better Cert Error/Warning Pages | P3 | ` | ` | ` | Security |
Same Domain Cookies | P3 | Firefox 20 | ` | should be floated as spec | Security |
Improved plugin installation and management experience | Unprioritized | ` | ` | ` | Plugin Interactions |
DOMCryptAPI (a Crypto API in the DOM) | Unprioritized | ` | Brian Smith | bug 744938 | Security |
DNSSEC-TLS | Unprioritized | ` | ` | ` | Platform |
Confidentiality Directive (CSP) | Unprioritized | ` | ` | ` | Security |
Security UI / UX Experiments | Unprioritized | ` | Tanvi Yvas | ` | ` |
Security Improvements to Password Manager | Unprioritized | ` | Tanvi Vyas | ` | Security |
Certificate Suspicion | Unprioritized | ` | Curtis Koenig | ` | Security |
Help users understand which bits are unencrypted | Unprioritized | ` | ` | ` | Security |
DOMCrypt Internal API | Unprioritized | N/A | Brian Smith | we want to have bsmith look at this | Security |