MozillaWiki

Identity/Features/Web-based Verified Email Client: Difference between revisions

Page Discussion

Identity/Features/Web-based Verified Email Client (view source)

Revision as of 03:31, 5 February 2012

212 bytes added ,  5 February 2012
no edit summary
No edit summary
 
(10 intermediate revisions by 5 users not shown)
Line 1: Line 1:
{| class="fullwidth-table"
{{FeatureStatus
|-
|Feature name=Web-based Verified Email Client
| style="font-weight: bold; background: #DDD;" | Feature
|Feature stage=Complete
| style="font-weight: bold; background: #DDD;" | Status
|Feature status note=Scoping new work after VEP changes.
| style="font-weight: bold; background: #DDD;" | ETA
}}
| style="font-weight: bold; background: #DDD;" | Owner
{{FeatureTeam
|-
|Feature product manager=Dan Mills
<section begin="status" />
|Feature feature manager=Dan Mills
| [[Identity/Features/Web-based Verified Email Client|Web-based Verified Email Client]]
|Feature lead engineer=Rob Miller
| {{StatusBlocked|status=Scoping new work after VEP changes}}
|Feature security lead=Michael Coates
| TBD
|Feature privacy lead=Sid Stamm
| JR Conlin
|Feature qa lead=James Bonacci
<section end="status" />
|Feature ux lead=Chris Howse
|-
}}
|}
{{FeaturePageBody
 
|Feature overview=Pure HTML client of the Verified Email Service.
== Summary ==
Pure HTML client of the Verified Email Service.


Related features:
Related features:
Line 23: Line 21:
* [[../Verified Email Service Admin Interface|Verified Email Service Admin Interface]]
* [[../Verified Email Service Admin Interface|Verified Email Service Admin Interface]]


== Team ==
Goals:
Who's working on this?
* Implement the JS API for sites to support Verified Email
* Not to interfere when native browser support is present
* Directly interface with the Mozilla Verified Email service for all functionality
* Support Verified Email on current-generation browsers: Firefox 4, IE 8, Chrome 10, Safari 5, Opera
|Feature users and use cases=Mark gets a tip from a friend about SaladFans.com, a place to review and share your favorite salad bars. Mark visits the site and is eager to contribute his own reviews as well as connecting with friends to find out which salad bars they like.


* '''Feature Manager''': Dan Mills
Mark sees a "sign in" button on the SaladFans site, and when he clicks on it a Mozilla ID pop-up dialog comes up telling him that the site is asking for a verified email address to sign-in. Mark hasn't used Mozilla ID before, so he clicks the "register" button.
* '''Lead Developer''': JR Conlin
* '''Product Manager''': Dan Mills
* '''QA''': Tracy Walker
* '''UX''': Chris Howse
* '''Security''': Michael Coates
* '''Privacy''': Sid Stamm


== Release Requirements ==
Mark now types in his email address, and chooses a password for his account. After he's done, Mozilla ID tells him that a verification message has been sent to his email, and he needs to click on a link there before proceeding. Mark checks his email and clicks on the link in the message Mozilla ID sent him. The link opens up a new pop-up replacing the previous one, which welcomes him to Mozilla ID and asks him if it's OK to disclose the email address to SaladFans.com. Mark clicks OK, the dialog closes, SaladFans.com reloads, and Mark is now signed into SaladFans.com!


{| width="100%" cellpadding="3"
Key Points:
|-
* Easy set-up from scratch
| style="background-color: #efefef;"| '''Item'''
* All HTML flow, works on a variety of browsers
| style="background-color: #efefef;"| '''Bug'''
* Flow centered around verified email disclosure
| style="background-color: #efefef;"| '''Status'''
|Feature requirements=<table width="100%" cellpadding="3">
|-
<tr>
| Core VEP client implementation (can handshake w/ server register an email, generate keys, receive a cert, generate assertion;  no UI, no cert refresh) || - || -
<td style="background-color: #efefef;">'''Item'''</td>
|-
<td style="background-color: #efefef;">'''Bug'''</td>
| Relying party wrapper implementation (can handle getVerifiedEmail call and interact w/ core VEP client in a popup window; still no UI nor cert refresh) || - || -
<td style="background-color: #efefef;">'''Status'''</td>
|-
</tr>
| UI interaction through account creation / login / release of one email address (most UI will be generated by the server) || - || -
<tr>
|-
<td> Core VEP client implementation (can handshake w/ server register an email, generate keys, receive a cert, generate assertion;  no UI, no cert refresh) </td><td> 664598 </td><td> -
| Email selection UI (mostly generated by UA) and integration into VEP process || - || -
</tr>
|-
<tr>
| Certificate refresh, successful only || - || -
<td> Relying party wrapper implementation (can handle getVerifiedEmail call and interact w/ core VEP client in a popup window; still no UI nor cert refresh) </td><td> 664597 </td><td> -
|-
</tr>
| Certificate refresh w/ failure || - || -
<tr>
|-
<td> Identity authority wrapper implementation (can handler registerVerifiedEmail and registerVerifiedEmailCertificate calls and can interact w/ core VEP client in parent window, still no UI nor cert refresh) </td><td> 669455 </td><td> -
| ============= OLDER (OBSOLETE?) MILESTONES BELOW =============
</tr>
|-
<tr>
| Relying party API || - || -
<td> UI interaction through account creation / login / release of one email address (most UI will be generated by the server) </td><td> 664594 </td><td> -
|-
</tr>
| Sign-in pop-up || - || -
<tr>
|-
<td> Email selection UI (mostly generated by UA) and integration into VEP process </td><td> 664599 </td><td> - </td>
| Email disclosure pop-up || - || -
</tr>
|-
<tr>
| Email verification pop-up || - || -
<td> Certificate refresh, successful only </td><td> 668620 </td><td> - </td>
|-
</tr>
| Account creation pop-up || - || -
<tr>
|-
<td> Certificate refresh w/ failure </td><td> 668625 </td><td> - </td>
| Account creation UX polish[1] || - || -
</tr>
|-
<tr>
| HTML client popups support multiple emails || - || -
<td colspan="3"> ========= OLDER (OBSOLETE?) MILESTONES BELOW ========== </td>
|-
</tr>
| HTML client allows adding a new email to an existing account || - || -
<tr>
|}
<td> Relying party API </td><td> - </td><td> - </td>
</tr>
<tr>
<td> Sign-in pop-up </td><td> - </td><td> - </td>
</tr>
<tr>
<td> Email disclosure pop-up </td><td> - </td><td> - </td>
</tr>
<tr>
<td> Email verification pop-up </td><td> - </td><td> - </td>
</tr>
<tr>
<td> Account creation pop-up </td><td> - </td><td> - </td>
</tr>
<tr>
<td> Account creation UX polish[1] </td><td> - </td><td> - </td>
</tr>
<tr>
<td> HTML client popups support multiple emails </td><td> - </td><td> - </td>
</tr>
<tr>
<td> HTML client allows adding a new email to an existing account </td><td> - </td><td> - </td>
</tr>
</table>


[1] ''e.g., password strength meter, pop-up auto-closes upon email verification''
[1] ''e.g., password strength meter, pop-up auto-closes upon email verification''
 
|Feature non-goals=* Integrating with/implementing non-Verified Email auth protocols
== Next Steps ==
** including HTTP Auth, forms-based sign-in, OpenID, OAuth, etc.
 
* Support for other profile information
== Open Issues ==
|Feature functional spec==== API Docs ===
 
== Related Bugs & Dependencies ==
 
== Designs ==
=== API Docs ===
* [[Identity/Verified Email Protocol|Verified Email Protocol]]
* [[Identity/Verified Email Protocol|Verified Email Protocol]]
* [[Services/Identity/HTML_Client|HTML client design notes]]
* [[Services/Identity/HTML_Client|HTML client design notes]]
Line 88: Line 102:
Obsolete?
Obsolete?
* [[MozillaID/InternalSpec|Client API]]
* [[MozillaID/InternalSpec|Client API]]
 
|Feature ux design=[[File:Registration.png|200px|thumb|left|Registration (i2)]]
=== Mockups ===
[[File:Registration.png|200px|thumb|left|Registration (i2)]]
[[File:Sign-In-Single-Email.png|200px|thumb|left|Single email (i2)]]
[[File:Sign-In-Single-Email.png|200px|thumb|left|Single email (i2)]]
[[File:Sign-In-and-Site-Identity.png|200px|thumb|left|Multi email (i2)]]
[[File:Sign-In-and-Site-Identity.png|200px|thumb|left|Multi email (i2)]]
Line 98: Line 110:
Older mockups:
Older mockups:
* [[media:WebLogin.jpg|Login popup flow (i1)]]
* [[media:WebLogin.jpg|Login popup flow (i1)]]
 
|Feature qa review=Basic Identity items [https://wiki.mozilla.org/Identity/QA test plan]
== Use Cases ==
}}
 
{{FeatureInfo
Mark gets a tip from a friend about SaladFans.com, a place to review and share your favorite salad bars. Mark visits the site and is eager to contribute his own reviews as well as connecting with friends to find out which salad bars they like.
|Feature priority=P1
 
|Feature roadmap=Mozilla Identity
Mark sees a "sign in" button on the SaladFans site, and when he clicks on it a Mozilla ID pop-up dialog comes up telling him that the site is asking for a verified email address to sign-in. Mark hasn't used Mozilla ID before, so he clicks the "register" button.
|Feature list=Services
 
|Feature engineering team=Services
Mark now types in his email address, and chooses a password for his account. After he's done, Mozilla ID tells him that a verification message has been sent to his email, and he needs to click on a link there before proceeding. Mark checks his email and clicks on the link in the message Mozilla ID sent him. The link opens up a new pop-up replacing the previous one, which welcomes him to Mozilla ID and asks him if it's OK to disclose the email address to SaladFans.com. Mark clicks OK, the dialog closes, SaladFans.com reloads, and Mark is now signed into SaladFans.com!
}}
 
{{FeatureTeamStatus
Key Points:
|Feature security status=sec-review-unnecessary
* Easy set-up from scratch
|Feature security notes=2-Dec-2011: notified project canceled/shelved, removing security tags and closing out feature page per discussion with Rob Miller. Project superseded by BrowserID
* All HTML flow, works on a variety of browsers
}}
* Flow centered around verified email disclosure
 
== Test Plans ==
Basic Identity items [https://wiki.mozilla.org/Identity/QA test plan]
 
== Goals ==
* Implement the JS API for sites to support Verified Email
* Not to interfere when native browser support is present
* Directly interface with the Mozilla Verified Email service for all functionality
* Support Verified Email on current-generation browsers: Firefox 4, IE 8, Chrome 10, Safari 5, Opera
 
== Non-Goals ==
* Integrating with/implementing non-Verified Email auth protocols
** including HTTP Auth, forms-based sign-in, OpenID, OAuth, etc.
* Support for other profile information
 
== Other Documentation ==
 
== Legend (remove if you like) ==
{| class="fullwidth-table"
|-
| {{StatusHealthy|status=&nbsp;}}
| Healthy: feature is progressing as expected.
|-
| {{StatusBlocked|status=&nbsp;}}
| Blocked: feature is currently blocked.
|-
| {{StatusAtRisk|status=&nbsp;}}
| At Risk: feature is at risk of missing its targeted release.
|-
| '''ETA'''
| Estimated date for completion of the current feature task. Overall ETA for the feature is the product release date.
|}
 
__NOTOC__
 
[[Category:Features]]
[[Category:Firefox]]
[[Category:Services]]
Thunder
946

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/324029...394265"