From MozillaWiki
Jump to: navigation, search


Meeting Notes

  • Things are feeling pretty crazy right now. Lots of changes. Lots of important projects. It's uncomfortable, but it's feeling better. We should fix the things. Way in and speak up. [lloyd]
  • Yvan needs us to identify needed sec reviews for this quarter so that they can schedule them in. So far he knows about PiCl and Firefox Persona integration.
  • Jared suggests an updated security review of Persona itself. We could help them out by updating the current docs (following We should mention the redirect flow to Yvan because that changes the flow significantly.
  • Monday project meeting updates: Vlad did it this morning. He did a glorious job. This seems to be going well.
  • You should have an opportunity to talk to someone every week. Please schedule a 1:1 if you don't have one scheduled.
  • We should double down on Freaky Fridays. That day is not for meetings, it's for fun. For things you enjoy doing. Things you're feeling guilty you're not doing. It should be vaguely related to what we do or what you want to learn technically. You should ideally let people know the day before to get a contributor jamming with you.
  • Ryan Seys wants to work on a Facebook IdP experiment. Jed says that it's good to remind people that writing IdP enables a lot of possibilities. Jed points out that security people love the fact that Persona doesn't have to make their email account a SPOF and that they can instead write their own IdP and use whatever login mechanism they want.
  • We've had a lot of interest from a number of startups in the "alternate auth" space. If Persona were more widely adopted, it would give them all they need to base their product own.
  • Should we add an API to have the IdP tell the RP whether or not the user account can receive emails? We should take that discussion to the list.
  • Shane gives a big shout out to Ryan. It was the most productive week he's had for a while.
  • Crystal wants to highlight the good stuff that we do. What we do well. We should rework our documentation to make the case of "why you should implement Persona" by using what our fans tell us. Everyone should do an RP interview (with John or Ryan helping). It's coming up next week. Ask Crystal if you have any questions.
  • If anyone wants to take the MySQL thing forward, replication etc, it's fallen off Jared's plate (been doing more reviews etc). The upgrade to MySQL 5.6 might fix it though!

Team Status

Native (B2G)

  • Sign in to Device vs Sign in to Web is next big question
  • Progress on door hanger firing Cancel
  • Working on Desktop roadmap

Signin to the Web

  • Lots of stuff landing in the 7/31 train, including:
    • Chrome on iOS is COMING (#2034)
    • siteLogo HTTPS restrictions will be lifted, almost ready (yay Sam!) (#3705)
    • Give .onmatch a try, we've fixed many bugs (#3649)
    • New, helpful error messaging if 3p cookies disabled (#3520, #3690)
  • SPOF on hold - want to help?
    • Jared toobusy() writing/reviewing codez
    • MySQL upgrade may be enough of an improvement
    • We need to measure this
    • Details coming to dev-identity later today
  • We'll be announcing the GMail bridge this week. Blog post going out Thursday.
  • Users with an uppercase character in the domain can't use the Identity Bridge. The work around of lowercasing it doesn't work because we store the original case in the fallback IdP's DB. More work/discussion on this after the meeting.

Profile in the Cloud (PiCL)

Firefox Accounts dev server with current API will be live soon

Sync storage proposal to deliver to Fx client teams is WIP Big discussion on sync-dev about CouchDB. Some suggestions include using CouchDB directly and writing a wrapper around it. Others suggest that we use it in other ways. A number of people are exploring that on the list. This is not the final solution and the dust has yet to settle.


  • we need to simplify and remove persona stuff from native code - should be a quick fix
  • Ryan has been writing an awesome Chat/Skype-like demo. It shows you what Persona gets you that other auth systems don't. [see:]


  • working on browserid train-2013.07.17 for push this week.


Business Development

Product Marketing

Docs & Engagement


Blog Schedule

  • We are working on launch on new blog series. Stay tuned for more information soon

PTO/OOO (kept in the Identity calendar for everyone's reference)

  • [ryan f] PTO Jul 29 - Aug 2
  • [shane] PTO Jul 31 - Aug 9
  • [jared] PTO Aug 7 - 9
  • [warner] conference (USENIX Security) aug 12-16
  • [tauni] PTO Aug 12