Security Projects
Mozilla includes several projects related to security:
- Open Source PKI Projects. Main home page for all
open source public-key infrastructure (PKI) projects, including:
- Network Security Services (NSS). Project for supporting cross-platform development of security-enabled server applications. Applications built with NSS can support PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, TLS, SSL v2 and v3, X.509 v3 certificates, and other security standards.
- Network Security Services for Java (JSS). A Java interface to NSS that supports most of the security standards and encryption technologies supported by NSS. JSS also provides a pure Java interface for ASN.1 types and BER/DER encoding.
- Personal Security Manager (PSM). Project for supporting cross-platform development of security-enabled client applications. PSM includes libraries (built on top of NSS) and a daemon that performs cryptographic operations on behalf of a client application -- operations such as setting up an SSL connection, object signing and signature verification, certificate management, and other common PKI functions.
- PKCS #11 Conformance Testing. Test suites designed to test PKCS #11 implementations.
- X.509 v3 Certificate Store. NSS ships by default with a set of root certificates. This page details how this store is managed.
- Component Security For Mozilla. Project for adding Java and JavaScript security to Mozilla components, mainly in terms of mobile code and the browser interfaces available to programs from those languages.
- Policy for Handling Security Bugs. Guidelines
on how to report security vulnerabilities and how the Mozilla community will deal with them.
- Current Members of the Mozilla security group.
- Known Vulnerabilities. List of known security weaknesses in various versions of Mozilla.
- Top Level Domains for which we permit Internationalized Domain Names, with links to the relevant registry policies.