Privacy/Features/Handshake checkpoint API: Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
No edit summary |
||
| (6 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
{{FeatureStatus | {{FeatureStatus | ||
|Feature name=Create API for add-ons and components that provides check-point between TLS/SSL handshake and HTTP request | |Feature name=Create API for add-ons and components that provides check-point between TLS/SSL handshake and HTTP request | ||
|Feature stage= | |Feature stage=On hold | ||
|Feature status=In progress | |||
|Feature health=OK | |Feature health=OK | ||
}} | }} | ||
{{FeatureTeam | {{FeatureTeam | ||
|Feature product manager=Sid Stamm | |Feature product manager=Sid Stamm | ||
|Feature feature manager=Peter Eckersley | |||
|Feature lead engineer=Honza Bombas | |||
|Feature privacy lead=Sid Stamm | |||
|Feature additional members=Brian Smith | |||
}} | }} | ||
{{FeaturePageBody | {{FeaturePageBody | ||
|Feature overview=Create API for add-ons and components that provides check-point between TLS/SSL handshake and HTTP request, allowing add-ons greater scrutiny of secure connections before they are used. | |Feature overview=Create API for add-ons and components that provides check-point between TLS/SSL handshake and HTTP request, allowing add-ons greater scrutiny of secure connections before they are used. This feature also would expose the controls to add-ons so they can implement an alternate certificate-validation path that's not dependent on our existing PKI and root certificate program. | ||
|Feature users and use cases=Convergence: Moxie would really like an API like this for simplifying the Convergence (http://convergence.io) add-on implementation. He had to "jump through some pretty prolific hoops in order to replace the browser's default certificate validation with my own." | |||
|Feature dependencies=* {{bug|644640}}: Implement extension point for extensions to influence trust decisions in PSM | |||
|Feature non-goals=* This will not ''replace'' our existing PKI/CA program | |||
* This is not affecting stuff outside the TLS layer of HTTPS connections. | |||
* This is not adding additional UI over the DV/EV SSL indicators. | |||
}} | }} | ||
{{FeatureInfo | {{FeatureInfo | ||
|Feature priority= | |Feature priority=P3 | ||
|Feature | |Feature theme=Product Hardening | ||
|Feature | |Feature roadmap=Security | ||
|Feature list=Platform | |Feature list=Platform | ||
|Feature engineering team=Networking | |||
}} | }} | ||
{{FeatureTeamStatus}} | {{FeatureTeamStatus}} | ||
Latest revision as of 21:34, 22 November 2013
Please use "Edit with form" above to edit this page.
Status
| Create API for add-ons and components that provides check-point between TLS/SSL handshake and HTTP request | |
| Stage | On hold |
| Status | In progress |
| Release target | ` |
| Health | OK |
| Status note | ` |
Team
| Product manager | Sid Stamm |
| Directly Responsible Individual | Peter Eckersley |
| Lead engineer | Honza Bombas |
| Security lead | ` |
| Privacy lead | Sid Stamm |
| Localization lead | ` |
| Accessibility lead | ` |
| QA lead | ` |
| UX lead | ` |
| Product marketing lead | ` |
| Operations lead | ` |
| Additional members | Brian Smith |
Open issues/risks
`
Stage 1: Definition
1. Feature overview
Create API for add-ons and components that provides check-point between TLS/SSL handshake and HTTP request, allowing add-ons greater scrutiny of secure connections before they are used. This feature also would expose the controls to add-ons so they can implement an alternate certificate-validation path that's not dependent on our existing PKI and root certificate program.
2. Users & use cases
Convergence: Moxie would really like an API like this for simplifying the Convergence (http://convergence.io) add-on implementation. He had to "jump through some pretty prolific hoops in order to replace the browser's default certificate validation with my own."
3. Dependencies
- bug 644640: Implement extension point for extensions to influence trust decisions in PSM
4. Requirements
`
Non-goals
- This will not replace our existing PKI/CA program
- This is not affecting stuff outside the TLS layer of HTTPS connections.
- This is not adding additional UI over the DV/EV SSL indicators.
Stage 2: Design
5. Functional specification
`
6. User experience design
`
Stage 3: Planning
7. Implementation plan
`
8. Reviews
Security review
`
Privacy review
`
Localization review
`
Accessibility
`
Quality Assurance review
`
Operations review
`
Stage 4: Development
9. Implementation
`
Stage 5: Release
10. Landing criteria
`
Feature details
| Priority | P3 |
| Rank | 999 |
| Theme / Goal | Product Hardening |
| Roadmap | Security |
| Secondary roadmap | ` |
| Feature list | Platform |
| Project | ` |
| Engineering team | Networking |
Team status notes
| status | notes | |
| Products | ` | ` |
| Engineering | ` | ` |
| Security | ` | ` |
| Privacy | ` | ` |
| Localization | ` | ` |
| Accessibility | ` | ` |
| Quality assurance | ` | ` |
| User experience | ` | ` |
| Product marketing | ` | ` |
| Operations | ` | ` |