On 6/5/05, Heikki Toivonen <[EMAIL PROTECTED]> wrote: > You can drive all the anti-phishing work you want without ever getting > into the Mozilla Security Group. Although if you did significant work, > you'd probably be invited anyway.
OK, so after you've written the papers and the code what's the next step along this path? I've implemented the petname tool, an anti-phishing browser extension. You can find it at: http://petname.mozdev.org/ There's a fully functional Firefox extension available at that site. The code has been written. I've also written several papers about the petname tool and why it works. There's been an extensive review of this work on another security focused mailing list. Now how do I go about getting the Mozilla Security Group to review this work and incorporate it into the main Firefox UI? If noone has the time or inclination, how do I become a member of the Mozilla Security Group so that I can commit the changes to CVS myself. I have extensive experience producing security critical code, much of which has been scrutinized by some of the best minds in the field. Thanks, Tyler -- The web-calculus is the union of REST and capability-based security: http://www.waterken.com/dev/Web/ _______________________________________________ Mozilla-security mailing list Mozilla-security@mozilla.org http://mail.mozilla.org/listinfo/mozilla-security