Ian G wrote:<snip>
And while we are on that subject, who or what is the security team / security director for Mozilla? Would would coordinate a security bug of this broad a nature?
Frank, maybe?
LOL. I'm not qualified to be a "security director" for the Mozilla project; my only "skill" is writing turgid policy documents.
The closest equivalent to a "security director" right now is the security group module owner, who's currently Dan Veditz:
http://www.mozilla.org/projects/security/secgrouplist.html
I don't believe Dan works for the Mozilla Foundation, but in any case I think it would not be a bad idea for the MF to hire someone specifically to oversee security-related issues all across the product(s), including security vulnerabilities, security UI, crypto, etc. (And while they're at it, PSM needs a module owner too :-)
Frank
-- Frank Hecker [EMAIL PROTECTED] _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
