Mozilla - Security

This forum is an archive for the mailing list dev-security@lists.mozilla.org (more options) Messages posted here will be sent to this mailing list.
Security issues such as specific security problems or ideas for making the code as a whole more secure can be discussed here. Cryptography, however, is not within this group's charter.
1234567 ... 25
Topics (871)
Replies Last Post Views
Mixed Content Isssue by Manjula Samanpriya
0
by Manjula Samanpriya
Private Devices and IoT (was Proposal: Marking HTTP As Non-Secure) by Jeffrey Walton
3
by Anders Rundgren-2
http insecure by Lisa Nocera
0
by Lisa Nocera
Marking http as insecure by Lisa Nocera
0
by Lisa Nocera
unexpected BUG with certificates class 2 from StartCom by Никита
3
by Hubert Kario
[#VSS-280-35261]: Re: Block Mixed Content for HSTS domains by OpenWeb.co.za
0
by OpenWeb.co.za
Block Mixed Content for HSTS domains by Anne van Kesteren
4
by Mike West
[#REI-616-42848]: Re: Block Mixed Content for HSTS domains by OpenWeb.co.za
0
by OpenWeb.co.za
Improving CORS performance by Anne van Kesteren
0
by Anne van Kesteren
Content-Security-Policy & iframe src by Wilks, Dan
1
by Wilks, Dan
Why a fake certificate can pass validation? by chenyt.cs.sjtu
1
by Hubert Kario
"Permission denied to access property 'apply'" for wrapped functions by Jordan Santell
7
by Bobby Holley-3
Why a fake certificate can be verified by chenyt.cs.sjtu
0
by chenyt.cs.sjtu
Why not DNS records Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure by Ryan Sleevi-2
9
by Kevin Chadwick-2
OpenSSL Library Call Redirection, OpenPGP, DANE by Coyo
0
by Coyo
Personal Certificate importing learning by Rachel McGuigan
0
by Rachel McGuigan
CCC security conference 31C3 by Ben Bucksch
0
by Ben Bucksch
Public Key Pinning (was Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure) by Jeffrey Walton
5
by Ryan Sleevi-3
Insecure Password Fields and Firefox Developer Edition by Tanvi Vyas-2
15
by Gervase Markham
Proposal: Marking HTTP As Non-Secure by Dominick Marciano
4
by Chris Palmer
Possible bug/issue with TLS 1.2 client authentication between IE and Apache+NSS? by James Chappell
0
by James Chappell
Circumstances cause CBC often to be preferred over GCM modes by Hanno Böck-4
11
by ianG-2
RE: Marking HTTP As Non-Secure by Cypher G
0
by Cypher G
Globalsign screwup with OCSP (and I've no idea how to file the bug in Firefox) by Kyle Hamilton-2
1
by David Keeler-2
TLS 1.2 support by NSS for flash by sachin gupta
0
by sachin gupta
Cross Compilation of NSS by sachin gupta
0
by sachin gupta
Communicating that unsupported browsers cannot be used by Ben Bucksch
18
by Kevin Chadwick-2
Showing OCSP calls in the Network tab by Eric Mill
6
by Daniel Veditz-2
NSS modutil: Adding a PKCS#11 module with a PIN and storing PIN in nssdb by Mike Gerow
4
by Anders Rundgren-2
https connection to PayPal without identity information by Rainer
3
by Daniel Veditz-2
Valuable Mozilla Firefox Security powered by WorldIP free firefox add-on by Peter Moszczyński
2
by Alex Jordan
NSS_InitReadWrite missing in nss3.dll by mludha
1
by Daniel Veditz-2
how to disable sslv3 in nss? by Lois Janes
7
by Kyle Hamilton
Time to dump NSS by Anders Rundgren-2
0
by Anders Rundgren-2
Testing mozilla::pkix by alexrait
1
by David Keeler-2
1234567 ... 25