Last Week's Actions
- roadmap needed
- post-mortem on security bug, plus script
- run-script needs to be written
- tech documentation from engagement
- field guide on its way, need more docs.
- train 2011.11.17 rolled into production
- train-2011.12.08 to beta (RSN) - read the changelog https://github.com/mozilla/browserid/blob/train-2011.12.08/ChangeLog#L1-8
- massive crypto performance improvements landed (by @benadida) in dev - analysis forthcoming
- Meeting with l10n today, to discuss our plan
- Platform patches: no update, still waiting on reviews for getRandomValues and bug 665057 (Identity platform API)
- ACTION: Ben to meet with JR
Security & Privacy
- ACTION: needs info from people for RFP
- capture the flag, including BrowserID bad RP
- bug bounty process will start Q1'ish
- RSBAC looking good for real launch
- launch to prod hardware on Wed.
- Completed work on the very big Train 15
- Bug 707186 - QA and deploy BrowserID train-2011.12.01 to production
- Completed work on Train 15 + HotFix to Production
- 727: Train 2011.12.01 hotfix 601: https://github.com/mozilla/browserid/pull/727
- Completed work with Shane to get Unit Tests running in QA environments
- Working with Dev and OPs on the final configuration for the new Production environment
- QA action items
- Client-side Selenium II automation: jrgm, marlenac, and nhirata
- Work with Pete and Lloyd to finish up RPM install and configuration of QA environment (ID2)
- Work with Pete to get error logs, log rotation, and archiving in Dev and Stage
- Work with Lloyd on his command line tools - see what's there for QA
- good remarks re: last talk given
- AJAX meetup London tomorrow: JS & webdev
- The Dashboard is now live (https://metrics.mozilla.com/pentaho/content/pentaho-cdf-dd/Render?solution=metrics2&path=identity/&file=identity.wcdf). Please file bugs as needed and we'll fix them asap.
- OPS pinged last week wrt production servers, these prod servers follow the same privacy ruleset as the current VM machine?
- Collecting www logs for browserid.org, what type of nightly reports are needed here?
for eg: 404, 200 etc. count codes. top referrer urls. anything else?
- nailed down some details of how to close the new account loop
- pushed forward the discussion of how profiles will work
- I will generate prototypes/mock that add the basic set (name, profile pic)
- Continuing to think about, discuss extended set (address, username, fb credentials, etc)
- ran a user test to discover users' mental model of facebook connect logging in & out
- Q1 goals by end of this week.