canmove, Confirmed users, Bureaucrats and Sysops emeriti
2,776
edits
Security/Reviews/BrowserIDProfiles: Difference between revisions
Jump to navigation
Jump to search
no edit summary
(Created page with "{{SecReviewInfo |SecReview name=Profile feature of Mozilla Persona/BrowserID }} {{SecReview}} {{SecReviewActionStatus |SecReview action item status=None }}") |
No edit summary |
||
| Line 1: | Line 1: | ||
{{SecReviewInfo | {{SecReviewInfo | ||
|SecReview name=Profile feature of Mozilla Persona/BrowserID | |SecReview name=Profile feature of Mozilla Persona/BrowserID | ||
|SecReview target=<bugzilla> | |||
{ | |||
"id":"756431" | |||
} | |||
</bugzilla> | |||
https://wiki.mozilla.org/Identity/Profile/Proposal | |||
https://github.com/mozilla/browserid/issues/880 | |||
}} | |||
{{SecReview | |||
|SecReview feature goal=* add basic profile information to BrowserID | |||
** name, avatar photo (the kind of things when you post a comment to a blog) [initial phase & opt in] | |||
** will be from client side initially until we can solve key wrapping | |||
*** when solved, we may provide more data and provide it server side (encrypted on client side) | |||
* provider would have to make an explicit request (for what not sure yet, expanded data set for sure) | |||
* the future goal is to have a "contact card" style of information that is associated with a given persona email address | |||
|SecReview alt solutions=* automatically sending email, name and "photo" (avatar) | |||
** we may want even this to be optional and controlled by users | |||
|SecReview solution chosen=* ability to have an online profile and data that is associated with a given account for a given site | |||
|SecReview threats considered=* all those inherent with browserID | |||
* privacy with regards to user choice on what is sent | |||
|SecReview threat brainstorming=* if the user and the site don't agree on what info is required who cancels the transaction? | |||
** we want the user to be able to control this and make decisions | |||
* Concern for photo privacy: embedded EXIF Data, such as thumbnail being an entire photo, while what is displayed as the image cropped, GPS data, etc. | |||
* If we point to external image URLs, we may make site owners angry, as many users will point to photos hosted on sites they don't control or own. Also, site owners could replace an image with a nasty one. | |||
}} | }} | ||
{{SecReviewActionStatus | {{SecReviewActionStatus | ||
|SecReview action item status= | |SecReview action item status=In Progress | ||
|SecReview action items=* Who :: What :: By when (Keep in mind all these things will be bugs that block the reivew bug, that blocks the feature bug) | |||
* Yvan Boily :: code review :: before launch | |||
* identity team :: What are each of the milestones, how can these steps be broken down, specify when there is an increase in data collected. | |||
}} | }} | ||