canmove, Confirmed users, Bureaucrats and Sysops emeriti
2,776
edits
Privacy/Reviews/TogetherJS: Difference between revisions
→Document Overview
| (12 intermediate revisions by the same user not shown) | |||
| Line 12: | Line 12: | ||
|'''Security Contact:''' || Mark Goodwin | |'''Security Contact:''' || Mark Goodwin | ||
|- | |- | ||
|'''Document State:''' || <section begin='status'/>{{ | |'''Document State:''' || <section begin='status'/>{{done|[https://groups.google.com/forum/#!topic/mozilla.dev.planning/CDVrP4GBOLw Public Comments]}}<section end='status'/> | ||
|} | |} | ||
| Line 19: | Line 19: | ||
{| | {| | ||
|'''Architectural Overview:''' || | |'''Architectural Overview:''' || 2013.10.09 | ||
|- | |- | ||
|'''Recommendation Meeting:''' || | |'''Recommendation Meeting:''' || 2013.10.09 | ||
|- | |- | ||
|'''Review Complete ETA:''' || <section begin='revieweta' /> | |'''Review Complete ETA:''' || <section begin='revieweta' />2013.10.17<section end='revieweta' /> | ||
|} | |} | ||
| Line 113: | Line 113: | ||
''Requirement:'' Users should be warned against disclosing sensitive information. | ''Requirement:'' Users should be warned against disclosing sensitive information. | ||
{{ResolutionBox|{{new|}}}} | {{ResolutionBox|{{new|Warning Message [https://github.com/mozilla/togetherjs/issues/848 Github Issue 848]}}}} | ||
{{ResolutionBox|{{new|User Impersonation [https://github.com/mozilla/togetherjs/issues/840 Github Issue 840]}}}} | |||
=== Data Leakage === | |||
''Risk:'' Form fields are visible to all members of a session. | |||
''Requirement:'' Ability for sites to disable fields or sets of fields | |||
{{ResolutionBox|{{new|Include setting to turn off form synchronization for a field or set of fields [https://github.com/mozilla/togetherjs/issues/841 Github Issue 841]}}}} | |||
=== Spoofing === | |||
''Risk:'' It is possible to direct a user to an offsite url that could be crafted to resemble the original URL. | |||
''Requirement:'' This should not be allowed or at the very least a warning should appear when changing sites. | |||
{{ResolutionBox|{{new|Disallow navigation offsite via "person X went to URL" See: [https://github.com/mozilla/togetherjs/issues/847 Github Issue 847].}}}} | |||
= Alignment with Privacy Operating Principles = | = Alignment with Privacy Operating Principles = | ||
| Line 123: | Line 138: | ||
====Principle: Transparency / No Surprises==== | ====Principle: Transparency / No Surprises==== | ||
(How the feature addresses this) | (How the feature addresses this) | ||
* Users receive a notification in the form of a door hanger when entering into a new session on a site using TogetherJS that they can use to not enter into a session. | |||
* Users will be given appropriate warnings about the disclosure of personal information using the nu-authenticated chat functions. | |||
''Recommendations'': (what can be improved) | ''Recommendations'': (what can be improved) | ||
* see items above | |||
====Principle: Real Choice==== | ====Principle: Real Choice==== | ||
* users can choose not to use the feature | |||
''Recommendations'': | ''Recommendations'': | ||
====Principle: Sensible Defaults==== | ====Principle: Sensible Defaults==== | ||
* System defaults to using HTTPS (at least on Mozilla sites, we cannot enforce this only recommend it for other consumers of TogetherJS). | |||
''Recommendations'': | ''Recommendations'': | ||
====Principle: Limited Data==== | ====Principle: Limited Data==== | ||
| Line 149: | Line 165: | ||
! Details | ! Details | ||
|- | |- | ||
| {{ | | {{done|Initial Overview Discussion}} | ||
| | | Curtis Koenig, Ian Bicking, Aaron Druck, Mark Goodwin, Dan Veditz, David Chan | ||
| Github tracker bugs linked above | |||
| 2013.10.09 [https://wiki.mozilla.org/Security/Reviews/TogetherJS Security and Privacy Review] | |||
|- | |||
| {{done|Public Comments closed}} | |||
| | |||
| | | | ||
| | | 2013.10.17 | ||
|} | |} | ||
[[Category:Privacy/Reviews|Template]] | [[Category:Privacy/Reviews|Template]] | ||