Complete Privacy-Policy Review for TLS Prober

RESOLVED FIXED

Status

Privacy
Product Review
RESOLVED FIXED
6 years ago
5 years ago

People

(Reporter: geekboy, Assigned: Tom Lowenthal)

Tracking

Details

(Reporter)

Description

6 years ago
Initial Questions:

Project/Feature Name: TLS Prober
Tracking  ID:
Description:
Flaws in SSL/TLS deployment cause serious security problems for all users of Firefox everywhere (OS, Desktop, Mobile) and could affect the quality of our services that depend on secure connections.

TLS Prober is a TLS/SSL "crawler" that monitors the state of TLS online and can be used for detecting various problems or trends in deployment of TLS/SSL.  Once set up and running, this system can be extended to look for dangerous trends and help identify the reach of TLS-related flaws.  
Additional Information:
http://my.opera.com/securitygroup/blog/2011/07/27/tls-prober-what-is-tls-testing-opera-com-and-what-does-it-do

https://github.com/operasoftware/tlsprober

TLS Prober was created by Opera and is being decommissioned over the next few months.  This data is valuable and it would be a shame if it were no longer available to anyone.
Urgency: no rush
Key Initiative: Firefox Platform
Release Date: 
Project Status: ready
Mozilla Data: No
New or Change: New
Mozilla Project: none
Mozilla Related: It is standalone.
Separate Party: No

Privacy Policy: 
Privacy Policy Link: 
User Data: 
Data Safety  ID: 
Legal  ID:
(Assignee)

Comment 1

5 years ago
Hi Sid. Does this bug need to be secret?

For the prober, it looks like it's meant to be run from a central server, and crawl the web. If so, what privacy issues might we forsee?
Severity: normal → blocker
(Assignee)

Updated

5 years ago
Severity: blocker → normal
(Reporter)

Comment 2

5 years ago
I don't think this needs to be secret, and I doubt if there are privacy issues here (I just filled out the kickoff form).  We're just planning on collecting information about TLS handshakes and server certs in the wild.
(Assignee)

Comment 3

5 years ago
Agreed.
Group: mozilla-corporation-confidential
Status: NEW → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.