Identity/BrowserID/Addon

{{#set:Feature name=BrowserID Addon

|Feature stage=Draft |Feature status=In progress |Feature version=Beta in Q4 |Feature health=OK |Feature status note=` }}

{{#set:Feature product manager=Dan Mills

|Feature feature manager=` |Feature lead engineer=Shane Tomlinson |Feature security lead=Yvan Boily |Feature privacy lead=Sid Stamm |Feature localization lead=` |Feature accessibility lead=` |Feature qa lead=James Bonacci |Feature ux lead=Alex Faaborg |Feature product marketing lead=` |Feature operations lead=` |Feature additional members=Ben Adida, Lloyd Hilaiel, Dietrich Ayala, Myk Melez }}

• GitHub Issues - GitHub Issues
• Jetpack based addon bundled with Firefox has not been done before.
• Jetpack based addons may cause performance penalty.
• End to end security review needs done on site, addon, and Jetpack.
• l10n needs to happen on on both the site and addon.
• Content in URL bar being driven by content instead of the user or browser.
• Need to address accessibility concerns

1. Feature overview

The BrowserID addon is a Jetpack based addon that will be bundled with Firefox to provide an in-browser experience for using BrowserID as well as showing user's authentication status in the browser URL bar for sites that support the Sessions API Sessions API

2. Users & use cases

All Firefox users who use BrowserID. This addon provides an in-browser experience for using BrowserID, making phishing and spoofing of the BrowserID site much more difficult.

3. Dependencies

• Jetpack Addon-SDK Jetpack SDK - List of Jetpack Dependencies
• BrowserID BrowserID

4. Requirements

Non-goals

`

5. Functional specification

6. User experience design

Faaborg's Mockups Faaborg's Account Sign In mocks

7. Implementation plan

8. Reviews

Security review

`

Privacy review

`

Localization review

`

Accessibility

`

Quality Assurance review

`

Operations review

`

9. Implementation

`

10. Landing criteria

` {{#set:Feature open issues and risks=* GitHub Issues - GitHub Issues

• Jetpack based addon bundled with Firefox has not been done before.
• Jetpack based addons may cause performance penalty.
• End to end security review needs done on site, addon, and Jetpack.
• l10n needs to happen on on both the site and addon.
• Content in URL bar being driven by content instead of the user or browser.
• Need to address accessibility concerns

|Feature overview=The BrowserID addon is a Jetpack based addon that will be bundled with Firefox to provide an in-browser experience for using BrowserID as well as showing user's authentication status in the browser URL bar for sites that support the Sessions API Sessions API |Feature users and use cases=All Firefox users who use BrowserID. This addon provides an in-browser experience for using BrowserID, making phishing and spoofing of the BrowserID site much more difficult. |Feature dependencies=* Jetpack Addon-SDK Jetpack SDK - List of Jetpack Dependencies

• BrowserID BrowserID

|Feature requirements=* |Feature non-goals=` |Feature functional spec=* |Feature ux design=Faaborg's Mockups Faaborg's Account Sign In mocks |Feature implementation plan=* |Feature security review=` |Feature privacy review=` |Feature localization review=` |Feature accessibility review=` |Feature qa review=` |Feature operations review=` |Feature implementation notes=` |Feature landing criteria=` }}

{{#set:Feature priority=`

|Feature rank=999 |Feature theme=` |Feature roadmap=` |Feature secondary roadmap=` |Feature list=` |Feature project=` |Feature engineering team=` }}

{{#set:Feature products status=Signing into the browser concept needs revisited to ensure it matches user expectations.

|Feature products notes=` |Feature engineering status=Lots of work to be done yet. |Feature engineering notes=An alpha version is available on GitHub at Alpha XPI.

• Awaiting performance report from Dietrich. Initial stats show that bundling the addon incurs a performance penalty, but further review is needed to find out what is due to Jetpack and what is due to BrowserID portion.
• Security review is needed on portions of Jetpack that are going to be used in addon.
• Addon needs fixed to handle opening multiple Firefox windows.
• Quality and Security Reviews are needed on addon code.

|Feature security status=sec-review-needed |Feature security health=Assigned |Feature security notes=sstamm |Feature privacy status=` |Feature privacy notes=` |Feature localization status=l10n ideas have been talked about but nothing concrete. |Feature localization notes=` |Feature accessibility status=Need to make Sign Into the Browser and BrowserID portions accessible |Feature accessibility notes=Should get Marco and David involved. |Feature qa status=` |Feature qa notes=We need to start a QA and test plan. |Feature ux status=` |Feature ux notes=` |Feature product marketing status=` |Feature product marketing notes=` |Feature operations status=` |Feature operations notes=` }}