On 7/14/16 3:50 PM, Matthew N. wrote:
> Does anyone want to nominate an existing component as the place to move
> master password bugs that aren't consumer-specific? If not, I propose
> creating a new component e.g. "Core::Security: Master Password" to move the
> bugs to.
I think the technically correct answer ("the best kind of correct") is
that most MP bugs belong in NSS::Libraries and Core::Security: PSM,
since that's where the actual implementation is. (For those who don't
know: the "master password" is nothing more than a PKCS#11 token PIN.)
But that's pretty non-obvious to anyone not working in the code, and I
don't think having the bugs live there makes them any more likely to be
fixed.
I suggest just keeping Toolkit::PasswordManager as the default place
until such time as we can switch a master password implementation that's
not based on a crufty old token PIN. That's where they're most likely to
get filed/triaged to in the first place, anyway.
This is a small number of not-really-new bugs, so I'm not really sure it
merits its own component, either.
Justin