Weekly Status 2007-04-13

This Week

  • Launched 400,000 Bug Sweepstake – get your entries in!
  • Finished last-minute frantic SoC conflict resolution and application triage
  • We got 10 slots, up from 8 two hours before the deadline – Leslie Hawthorn at Google is a star
  • Here’s the list of accepted students – 1 extension, 1 Camino, 1 SeaMonkey, 2 Thunderbird, 5 Firefox
  • I am mentoring a student to write an RFC for and implement Link Fingerprints
  • We are looking at alternative sources of funding for some proposals which missed out
  • Reviewed several Bugzilla patches relating to custom statuses, which it is becoming increasingly clear we need in the Mozilla project (NEEDINFO, READY etc.)
  • Designed workflow-editing UI for when we have custom statuses
  • Completed CA application assessment for Keynectis and posted to newsgroup
  • Started evaluations for IdenTrust, S-TRUST and SwissSign
  • Pinged the applicants who haven’t responded for a month

Next Week

  • Much less SoC work :-)
  • Join W3C HTML Working Group
  • If there have been no objections, file technical inclusion bugs for the first three CAs who passed evaluation
  • Start work on certificate analysis tool to check potentially-included root certificates for problems
  • Drive new Bugzilla resolution discussion to completion
  • Same with mozilla.feedback.* rearrangement
  • Thursday afternoon off for a chest CT scan

2 thoughts on “Weekly Status 2007-04-13

  1. Ian: ETag has different goals. Link Fingerprints is about giving someone a link and being certain that they’ll only get the exact resource you want them to get. This is important in security contexts.

    If my Downloads webserver gets hacked and trojaned binaries uploaded, the web serving software will just generate a new ETag, and no-one will notice. The point of Link Fingerprints is that the verification information does _not_ come from the same location as the file.