Mozilla has sent a Communication to the Certification Authorities (CAs) who have root certificates included in Mozilla’s program. Mozilla’s CA Certificate Program governs inclusion of root certificates in Network Security … Read more
Part of how Mozilla protects the Web is by participating in the governance of the Web PKI, the system of security certificates that allows websites to authenticate themselves to browsers. … Read more
Mozilla runs Winter of Security (MWoS) every year to give folks an opportunity to contribute to ongoing security projects in flight. This year an ambitious group took on the task … Read more
According to the plan we published earlier for deprecating SHA-1, on January 1, 2016, Firefox 43 began rejecting new certificates signed with the SHA-1 digest algorithm. For Firefox users with … Read more
Last year, we laid out a long-range plan for improving revocation support for Firefox. As of this week, we’ve completed most of the major elements of that plan. After adding … Read more
This article has been coauthored by Aislinn Grigas, Senior Interaction Designer, Firefox Desktop Over the past few months, Mozilla has been improving the user experience of our privacy and security … Read more
In our previous blog post about phasing out certificates with SHA-1 based signature algorithms, we said that we planned to take a few actions with regard to SHA-1 certificates: Add … Read more
As part of our commitment to protect the privacy of our users, Mozilla will disable the insecure RC4 cipher in Firefox in late January 2016, beginning with Firefox 44. Mozilla … Read more
The Bugzilla bug tracker is a major part of how we accomplish our mission of openness at Mozilla. It’s a tool for coordinating among our many contributors, and a focal … Read more
As part of our commitment to help Firefox users stay safe online, we have recently expanded the malware detection features in Firefox. Thanks to new developments in Google’s Safe Browsing … Read more
Yesterday morning, August 5, a Firefox user informed us that an advertisement on a news site in Russia was serving a Firefox exploit that searched for sensitive files and uploaded … Read more
Last year, we introduced the Mozilla Winter of Security (MWoS) to invite students to work on security projects with members of Mozilla’s security teams. Ten projects were proposed, and dozens … Read more