Intent to Implement System Add-on: SHIELD/Normandy

J. Ryan Stinnett jryans at gmail.com
Fri Sep 30 23:48:33 UTC 2016


On Fri, Sep 30, 2016 at 8:41 AM, Gijs Kruitbosch <gijskruitbosch at gmail.com>
wrote:

> In this specific case, it sounds like you're already talking to the
> security team. They would be the best people to judge if you (still) need a
> formal security review to happen on the code you're landing. If you haven't
> talked to them about this, now would be a good time. For other projects, a
> quick web search gets me: https://wiki.mozilla.org/Secur
> ity#Request_a_Security_or_Privacy_Review which seems fairly
> straightforward to me.
>

I suppose this is the wrong venue for this rabbit hole, but I've had a hard
time contacting the security team in the past, so I am not sure what the
right venue is. The wiki page above links to a security review request form
that says "This process not currently in use, maintaining for historical
purposes".

Is there a description of the correct process for requesting security
review somewhere? I've received a lot of mixed signals about this process
in the past, so having the right answer would be great!

- Ryan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/firefox-dev/attachments/20160930/9badea9d/attachment.html>


More information about the firefox-dev mailing list