Hello, The Security Team has turned on Secure Mail for "Security-Sensitive Core Bug" group bugs on bugzilla.mozilla.org.
I've put together a short guidance page for this at https://wiki.mozilla.org/Security/Security_Bugs/EncryptedBugmail. This is part of an overall goal to decrease the risk of accidental exposure of security bugs to third parties. There are still minor nits being worked out now that it is on. If you see a bug, please open it up in the bugzilla.mozilla.org product in the Extensions: SecureMail component. The overall effect for most people is small. If you're CC'd on a bug marked as secure, you will receive an email stating that a secure bug has changed with a link to it and no details *unless* you set an encryption key on BMO. If you do, you'll receive a normal bugzilla email for it, but encrypted. For members of the security group, how BMO password resets are handled has also changed. Al _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
