Mozilla Foundation activities, week ending 2007/08/31
This is my report on my activities related to the Mozilla Foundation for the week ending August 31, 2007. Note that I've tweaked the format of these reports in an effort to make them easier to read.
Projects for the week
Here's a summary of what Foundation-related activities went on last week; for more information about others' activities please see the weekly status reports published by David Boswell, Gerv Markham, and Zak Greant.
Grants and related activities
The Mozilla Foundation is funding a project to implement server-side features in Apache and OpenSSL to complement future Firefox enhancements to check the validity of SSL certificates using OCSP. (Technically, what's being done is implementing support for the Certificate Status Request extension to TLS as defined in section 3.6 of RFC 3546, so that OCSP information can be returned to Firefox as part of the TLS handshake and Firefox doesn't have to generate a separate OSCP request itself. This technique is sometimes referred to as "OCSP stapling".) Such validity checks will help improve security when connecting to all SSL sites, but will be especially important when connecting to sites with extended validation certificates.
The Mozilla Foundation is co-sponsoring the Foundations of Open Media Software developer workshop to be held in January in Melbourne Australia; among other things, our support will help pay for travel costs for developers attending the workshop. One major topic at FOMS 2008 will be native Firefox support for Ogg Theora and other open media formats.
Peter Jaros completed the intermediate milestone on his project to improve scriptability of Camino with AppleScript (a project the Mozilla Foundation is co-sponsoring with the Camino project).
IP/legal issues
- We are close to having a final internal draft for the proposed corporate contributors agreement. I hope to be able to circulate a draft for public comment soon.
Upcoming activities
I'll be in Mountain View on September 12 for a Mozilla Foundation board meeting.
Zak Greant will be in Mountain View September 13-16 for Mozilla 24.
Random notes
Driving around a few nights ago I saw signs announcing "Cyberden: alternative coffee house". I've never stepped in the place, but I knew Cyberden as a small PC gaming center in a strip shopping center. However it's now moved into a new space and added an (alcohol-free) nightclub and cafe; judging from its brochure it's quite impressive.
As it turns out, one of the co-owners of Cyberden is Peter Stone (aka DJ Bat), who used to manage a club in San Francisco and was an acquaintance of Jamie Zawinski, now of the DNA Lounge but previously one of the key people who helped get the Mozilla project started. It's a cliche, but it really is a small world.
2007-09-06
Trackbacks
Hacking for Christ mentioned this post in "OCSP Stapling in OpenSSL and Apache":
Frank noted in his status report that the Mozilla Foundation is funding a project to implement "OCSP stapling" in Apache and OpenSSL. In the future, Firefox will be enhanced to check the validity of SSL certificates using Online Certificate Status Protocol (OCSP) responses served up by the webserver itself (colloquially known as "OCSP stapling"), as opposed to directly from the CA's OCSP server. But the webserver needs to know how to obtain and serve them, which is what this work is about. OCSP stapling massively reduces the load on a CA's OCSP servers, and makes OCSP feasible for deployment for large volume SSL sites like Paypal or Amazon. Once a majority of clients support it, we'll see much wider OCSP use, with a corresponding improvement in the ability of CAs to meaningfully revoke certificates. Working OCSP is compulsory for EV certificates from 2010 onwards. I've been working on this grant for some months now, and it's great to see it go ahead....
Comments
MizT wrote at 2007-09-18 08:45:
Frank Hecker wrote at 2007-09-18 10:01:
MizT wrote at 2007-09-26 18:39: