- 1 Document Overview
- 2 Architecture
- 3 User Data Risk Minimization
- 4 Alignment with Privacy Operating Principles
- 5 Follow-up Tasks and tracking
|Feature/Product:||Verified Email (Mozilla ID)|
|Projected Feature Freeze Date:||-|
|Product Champions:||Dan Mills|
|Privacy Champions:||Sid Stamm|
|Security Contact:||Michael Coates|
|Document State:||[DROPPED] reviewing products, not protocols|
|Architectural Overview:||(date TBD)|
|Recommendation Meeting:||(date TBD)|
|Wrap-up Meeting:||(if necessary)|
In this section, the product's architecture is described. Any individual components or actors are identified, their "knowledge" or what data they store is identified, and data flow between components and external entities is described.
The main objective of this feature/product is: browserid uses a simple protocol (verified email) to implement sign-ins on sites that is secure, password-free, and very easy to use.
The browserid.org project has several components:
- A protocol specification
- A Mozilla-hosted service
- Clients for Firefox, Firefox Mobile, and a pure-HTML client with support for a variety of browsers
- Single-click sign-up/sign-in/sign-out. No need to remember passwords for each site
- Browser integration, for maximum convenience and protection from phishing attacks
- Mobile Firefox support, making it easy to sign up and use sites on mobile phones
- Support for current-generation browsers, no special add-ons required (using HTML pop-ups)
- Provides an on-ramp towards a fully decentralized system, with the user agent as ID mediator.
Design Documents: Link to any design or architectural documents here.
- Mozilla-hosted service
- VE Clients: for Firefox, Firefox Mobile, and a pure-HTML client with support for a variety of browsers
This component does A, B and C and interacts with component Y to do D.
The tables below simply summarize the data encountered by this component.
|data type||where stored|
Communication with Component Y
|In:||message 1||types of data received from component Y with the message|
|Out:||message 2||types of data sent to component Y with the message|
User Data Risk Minimization
In this section, the privacy champion will identify areas of user data risk and recommendations for minimizing the risk.
Alignment with Privacy Operating Principles
In this section, the privacy champion will identify how the feature lines up with Mozilla's privacy operating principles.
Principle: Transparency / No Surprises
(How the feature addresses this)
Recommendations: (what can be improved)
Principle: Real Choice
Principle: Sensible Defaults
Principle: Limited Data
Follow-up Tasks and tracking
|[NEW] Initial Overview Discussion||?||Meeting time TBD|