Privacy/Reviews/ThunderbirdBigFiles
Document Overview
| Feature/Product: | BigFiles transfer in Thunderbird |
| Projected Feature Freeze Date: | (tbd) |
| Product Champions: | (JB Piacentino) |
| Privacy Champions: | (Privacy Friend you're working with) |
| Security Contact: | (the security Friend you're working with) |
| Document State: | [ON TRACK] ready for privacy friend |
Timeline:
| Architectural Overview: | (date TBD) |
| Recommendation Meeting: | (date TBD) |
| Review Complete ETA: | tbd |
Architecture
In this section, the product's architecture is described. Any individual components or actors are identified, their "knowledge" or what data they store is identified, and data flow between components and external entities is described.
The main objective of this feature/product is:
Allowing users to upload large file attachments to some storage service, be it a third party like Dropbox or YouSendIt, or a private storage service (a WebDAV server behind a corporate firewall, for example).
Links to the uploaded files are then inserted into the body of the email, making it easy for the recipient to download them.
Design Documents: https://wiki.mozilla.org/Features/Thunderbird/BigFiles
The following diagram illustrates the data flow with the two included nsIMsgCloudFileProvider implementations.
Components
Each supported storage service has a corresponding XPCOM component implementing the nsIMsgCloudFileProvider interface. These components are responsible for handling authorization, file upload, file deletion, and user profile retrieval from the service (where the user profile tells us things like how much space is left for the user to fill with their files).
A cloudFileAccounts component manages the creation and deletion of accounts, and creates instances of the appropriate nsIMsgCloudFileProvider implementations when necessary.
The mail compose window calls out to the cloudFileAccounts component to determine what storage services are supported, and when requested by the user, uses cloudFileAccounts to create the appropriate nsIMsgCloudFileProvider instance, and then uploads the selected file(s) through it.
There is a pane in the Thunderbird preferences dialog that allows a user to add or delete storage accounts. We currently only allow one account per account type, but this limitation might be overcome in future versions.
YouSendIt Provider
This component implements the nsIMsgCloudFileProvider interface.
Stored Data:
| What | Where |
|---|---|
| Account username | nsILoginManager |
| Account password (optional) | nsILoginManager |
| Account session token | nsILoginManager |
| Uploaded files | YouSendIt servers |
Dropbox Provider
This component implements the nsIMsgCloudFileProvider interface.
Stored Data:
| What | Where |
|---|---|
| OAuth token / secret | nsILoginManager |
| Uploaded files | Dropbox servers |
User Data Risk Minimization
In this section, the privacy champion will identify areas of user data risk and recommendations for minimizing the risk.
Alignment with Privacy Operating Principles
In this section, the privacy champion will identify how the feature lines up with Mozilla's privacy operating principles.
See Also: Privacy/Roadmap_2011#Operating_Principles
Principle: Transparency / No Surprises
(How the feature addresses this)
Recommendations: (what can be improved)
Principle: Real Choice
Recommendations:
Principle: Sensible Defaults
Recommendations:
Principle: Limited Data
Recommendations:
Follow-up Tasks and tracking
| What | Who | Bug | Details |
|---|---|---|---|
| [NEW] Initial Overview Discussion | ? | | Meeting time TBD |

