Identity/EngPlan
Overview
[[1]] Engineering plan.
This document addresses the build portions of the Identity service, including the Verified Email Protocol (VEP), Verified Email Service (VES), Web Based Verified Email Client (wVEC), Firefox Native Verified Email Client (fVEC)
Key People
| Technical Lead: | JR Conlin (VES) |
| Additional Developers: | Rob Miller (wVEC), Dave Dahl (fVEC) |
| Project Manager: | Dan Mills |
| Product Manager: | Dan Mills |
| UX: | TBD |
Work Items
Verified Email Server
Top-level tracking bug: Template:Https://bugzilla.mozilla.org/show bug.cgi?id=663887
Port existing code to new VEP specifications
| Assigned to: | jrconlin |
| Bug: | 663276 |
| Assumes/Depends On: | Finalization of the internal Certificate format |
| Working Estimate: | Code Complete (as of 2011Jun13)
Best case: |
Integrate to Clients
| Assigned to: | jrconlin |
| Bug: | TBD |
| Assumes/Depends On: | completion of baseline server and client |
| Working Estimate: | 4 days
Best case: 2 days |
Complete work on server admin page (address registration)
| Assigned to: | jrconlin |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | Completion of UX designs, Completion of core server |
| Working Estimate: | 4 days
Best case: 3 days |
Long term data storage for VES
| Assigned to: | jrconlin |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | finalization of the VES data requirements |
| Working Estimate: | *code complete as of 2011Jun13*
Best case: |
Performance testing for VES
| Assigned to: | jrconlin |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | Working VES |
| Working Estimate: | 4 days
Best case: 1 day |
Validating unit test coverage for QA
| Assigned to: | jrconlin |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | Working VES |
| Working Estimate: | 4 days
Best case: 1 day |
Misc. server deployment tasks and checks (LDAP connection, Mail server, etc.)
| Assigned to: | jrconlin |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | Working VES |
| Working Estimate: | 2 days
Best case: 1 day |
External Dependencies
Security Review
| Assigned to: | jrconlin, opsec-TBD |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | |
| Working Estimate: | _*REQUIRES SCHEDULING*_
Best case: |
Package and Deploy server to Test
| Assigned to: | TBD |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | Working service |
| Working Estimate: | TBD
Best case: |
Q.A. testing
| Assigned to: | TBD |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | Working Service; jrconlin provides proper testing architecture |
| Working Estimate: | 11 days
Best case: 5 days |
Web Verified Email Client (wVEC)
Local crypto implementation, (notably Random Number Generator)
| Assigned to: | rmiller |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | InfraSec sign off on secure javascript crypto library |
| Working Estimate: | TBD
Best case: 1 day |
UI responsibilities (IOW: what UI elements live on the server vs. what are presented from inside the library)
| Assigned to: | rmiller |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | UX fully defined. |
| Working Estimate: | 2 days
Best case: .5 days |
| Assigned to: | rmiller |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | |
| Working Estimate: | 1 day
Best case: 1 day |
Create iframe containing actual client implementation, along with RP handshake
| Assigned to: | rmiller |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | |
| Working Estimate: | 3 days
Best case: 2 days |
UI for displaying / selecting verified email addresses
| Assigned to: | rmiller |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | UI finalized |
| Working Estimate: | 2 days
Best case: 1 days |
Jasmine test coverage
| Assigned to: | rmiller |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | |
| Working Estimate: | 3 days
Best case: 2 days |
Documentation
| Assigned to: | rmiller |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | |
| Working Estimate: | 2 days
Best case: 1 day |
External Dependencies
Security Review
| Assigned to: | rmiller |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | requires InfraSec |
| Working Estimate: | _*TBD*_
Best case: |
Packaging and Deployment
| Assigned to: | rmiller |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | |
| Working Estimate: | _*TBD*_
Best case: |
Firefox Verified Email Client (fVEC)
Design Docs
| Assigned to: | ddahl |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | Completed protocol specifications |
| Working Estimate: | 2 days
Best case: 1 day |
Browser level API
| Assigned to: | ddahl |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | |
| Working Estimate: | 3 days
Best case: 2 days |
Identity Registration
| Assigned to: | ddahl |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | |
| Working Estimate: | 2 days
Best case: 5 days |
Identity Assertion Generation
| Assigned to: | ddahl |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | |
| Working Estimate: | 9 days
Best case: 5 days |
Certificate Refresh
| Assigned to: | ddahl |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | |
| Working Estimate: | 4 days
Best case: 2 days |
Internal Crypto API
| Assigned to: | ddahl |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | |
| Working Estimate: | 3
Best case: 1 day |
UI (front-end, 'login to browser')
| Assigned to: | ddahl |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | |
| Working Estimate: | 12 days
Best case: 8 days |
External Dependencies
Platform NSS Wraper API
| Assigned to: | ddahl |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | need coordination with bsmith |
| Working Estimate: | TBD
Best case: |
Platform NSS Wraper API
| Assigned to: | ddahl |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | |
| Working Estimate: | 11 days
Best case: 5 days |
Code Review
| Assigned to: | ddahl |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | |
| Working Estimate: | 13 days
Best case: 10 days |
Security Review
| Assigned to: | ddahl |
| Bug: | _*TBD*_ |
| Assumes/Depends On: | Scheduling with InfraSec |
| Working Estimate: | 1 day
Best case: 1 day |
Timeline
Expected Completion
Most tasks can be parallelized with clients working off of the base server. There is some imperative in getting the base server operational on a test platform in order to provide the clients with a baseline to work from.
Working Estimate: 58 days
Milestones
Milestone 1: Completion of the Identity Server
- server should be deployed to a test configuration with access to test LDAP and some level of backend storage.
- user should be able to perform minimal account related actions
- Expected completion: Done
Milestone 2: Completion of the Web Client
- client should be able to work with the existing server
- client should be able to provide basic VEP service to a demo 3rd party site
Milestone 3: Completion of the Firefox Native client
- client should be able to work with existing server
- client should be able to provide basic VEP service to a demo 3rd party site
Milestone 4: UI and UX cleanup
- rough placeholders and layout removed in favor of better designed.
- some packaging and base documentation in place.
Milestone 5: Security and QA signoff
- site passes QA and InfraSec reviews.
- base set of scriptable QA tests in place for maintenance.
Milestone 6: Deployment
- Code is deployed to a public accessible server (beta) for preliminary testing and user feedback.
M1 (Completion of the Identity Server)
Working Estimate: 0 days
Target Completion (ready for infra) is Jun 14th
M2 (Completion of wVEC)
Working Estimate: TBD
Target Completion:
M3 (Completion of fVEC)
Working Estimate: TBD
Target Completion:
M4 (UX/UI complete)
Working Estimate: TBD
Target Completion:
M5 (Sec / QA signoff)
Working Estimate: TBD
Target Completion:
M6 (Deployment)
Working Estimate: TBD
Target Completion: