Privacy/Features/Handshake checkpoint API: Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
No edit summary |
||
(6 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
{{FeatureStatus | {{FeatureStatus | ||
|Feature name=Create API for add-ons and components that provides check-point between TLS/SSL handshake and HTTP request | |Feature name=Create API for add-ons and components that provides check-point between TLS/SSL handshake and HTTP request | ||
|Feature stage= | |Feature stage=On hold | ||
|Feature status=In progress | |||
|Feature health=OK | |Feature health=OK | ||
}} | }} | ||
{{FeatureTeam | {{FeatureTeam | ||
|Feature product manager=Sid Stamm | |Feature product manager=Sid Stamm | ||
|Feature feature manager=Peter Eckersley | |||
|Feature lead engineer=Honza Bombas | |||
|Feature privacy lead=Sid Stamm | |||
|Feature additional members=Brian Smith | |||
}} | }} | ||
{{FeaturePageBody | {{FeaturePageBody | ||
|Feature overview=Create API for add-ons and components that provides check-point between TLS/SSL handshake and HTTP request, allowing add-ons greater scrutiny of secure connections before they are used. | |Feature overview=Create API for add-ons and components that provides check-point between TLS/SSL handshake and HTTP request, allowing add-ons greater scrutiny of secure connections before they are used. This feature also would expose the controls to add-ons so they can implement an alternate certificate-validation path that's not dependent on our existing PKI and root certificate program. | ||
|Feature users and use cases=Convergence: Moxie would really like an API like this for simplifying the Convergence (http://convergence.io) add-on implementation. He had to "jump through some pretty prolific hoops in order to replace the browser's default certificate validation with my own." | |||
|Feature dependencies=* {{bug|644640}}: Implement extension point for extensions to influence trust decisions in PSM | |||
|Feature non-goals=* This will not ''replace'' our existing PKI/CA program | |||
* This is not affecting stuff outside the TLS layer of HTTPS connections. | |||
* This is not adding additional UI over the DV/EV SSL indicators. | |||
}} | }} | ||
{{FeatureInfo | {{FeatureInfo | ||
|Feature priority= | |Feature priority=P3 | ||
|Feature | |Feature theme=Product Hardening | ||
|Feature | |Feature roadmap=Security | ||
|Feature list=Platform | |Feature list=Platform | ||
|Feature engineering team=Networking | |||
}} | }} | ||
{{FeatureTeamStatus}} | {{FeatureTeamStatus}} |
Latest revision as of 21:34, 22 November 2013
Please use "Edit with form" above to edit this page.
Status
Create API for add-ons and components that provides check-point between TLS/SSL handshake and HTTP request | |
Stage | On hold |
Status | In progress |
Release target | ` |
Health | OK |
Status note | ` |
Team
Product manager | Sid Stamm |
Directly Responsible Individual | Peter Eckersley |
Lead engineer | Honza Bombas |
Security lead | ` |
Privacy lead | Sid Stamm |
Localization lead | ` |
Accessibility lead | ` |
QA lead | ` |
UX lead | ` |
Product marketing lead | ` |
Operations lead | ` |
Additional members | Brian Smith |
Open issues/risks
`
Stage 1: Definition
1. Feature overview
Create API for add-ons and components that provides check-point between TLS/SSL handshake and HTTP request, allowing add-ons greater scrutiny of secure connections before they are used. This feature also would expose the controls to add-ons so they can implement an alternate certificate-validation path that's not dependent on our existing PKI and root certificate program.
2. Users & use cases
Convergence: Moxie would really like an API like this for simplifying the Convergence (http://convergence.io) add-on implementation. He had to "jump through some pretty prolific hoops in order to replace the browser's default certificate validation with my own."
3. Dependencies
- bug 644640: Implement extension point for extensions to influence trust decisions in PSM
4. Requirements
`
Non-goals
- This will not replace our existing PKI/CA program
- This is not affecting stuff outside the TLS layer of HTTPS connections.
- This is not adding additional UI over the DV/EV SSL indicators.
Stage 2: Design
5. Functional specification
`
6. User experience design
`
Stage 3: Planning
7. Implementation plan
`
8. Reviews
Security review
`
Privacy review
`
Localization review
`
Accessibility
`
Quality Assurance review
`
Operations review
`
Stage 4: Development
9. Implementation
`
Stage 5: Release
10. Landing criteria
`
Feature details
Priority | P3 |
Rank | 999 |
Theme / Goal | Product Hardening |
Roadmap | Security |
Secondary roadmap | ` |
Feature list | Platform |
Project | ` |
Engineering team | Networking |
Team status notes
status | notes | |
Products | ` | ` |
Engineering | ` | ` |
Security | ` | ` |
Privacy | ` | ` |
Localization | ` | ` |
Accessibility | ` | ` |
Quality assurance | ` | ` |
User experience | ` | ` |
Product marketing | ` | ` |
Operations | ` | ` |