Seriously, this is about as drafty as drafts get
- 1 Introduction
- 2 Work Items
- 3 Sequence
Context and goals
Priority vs. sequence
In the new release process, where we branch every six weeks, attempting to align future work with specific releases is unlikely to be accurate, so this document does not attempt to specify this. This document is a statement of both direction and intent, laying out both the priority (how important we consider each piece of work) and sequence (the order in which we intend to attack these pieces). In a world without technical debt or design mistakes, these would be one and the same, but in reality there are often projects that need to happen sooner in order to make the cooler projects easier/faster/more stable. As with the paying down of any form of debt, strategy is key, and we are attempting to balance the two here.
Due to the privacy/security implications of these features, users will need to opt in from the device in advance.
Enable remote wipe of profile data for Fennec (Firefox for Android)
Users should be able to perform a remote wipe via the account portal. This should be resistant against server-side tampering. (aka Mozilla should not be able to trigger a wipe without user action.
Enable remote wipe of profile data for other platforms
Same as the previous requirement, but should work on any/all platforms.
Allow users to locate a device via the account portal
Basically like MobileMe's find my phone, or various cell providers' similar solutions for GPS-equipped phones (see also: E911)
- Need UI around opt-in feature, including any additional authentication steps (i.e. enter a predefined numeric wipe code)
- Need design for how we surface this in Account Portal
- Need a reliable, high-availability storage solution to store device info
- PUT/POST /location - devices will need to check in (provide location info and/or check for self-destruct code)
- PUT/POST /info/<UUID> Need an API for uploading device info. /checkin should fail if /info hasn't been uploaded
- GET /info retrieves data for all devices that user has linked to the service. GET /info/<UUID> will retrieve a single device