Security/Contextual Identity Project/Private Session: Difference between revisions
(link to Anonymous Browsing) |
(Added chrome issue to related work) |
||
| Line 38: | Line 38: | ||
* Based on user research, design containers around use cases. | * Based on user research, design containers around use cases. | ||
==Related== | ==Related Work== | ||
* [[Security/Anonymous_Browsing]] has a list of use cases which require better isolation between sites. | * [[Security/Anonymous_Browsing]] has a list of use cases which require better isolation between sites. | ||
* Google Chrome’s [https://code.google.com/p/chromium/issues/detail?id=24690 Issue 24690: All incognito windows share the same cookie jar] | |||
Revision as of 23:50, 8 February 2015
enhancing private browsing to provide some elements of isolation between sites
Warning: This is just a draft proposal of how contextual identities might be implemented in Firefox
Description
This proposal includes some ideas we have for containers, but completely rely on the existing Private Browsing feature.
The basic idea:
- Every Private Window opens a new AppID. It becomes a Private Session.
- A link opened from inside a Private Window opens in the same AppID.
It will not require existing users of Private Window to change their existing behaviours, but it will give users who want multiple sessions the ability to open a new one easily.
There are going to be some UI changes, of course, but they’re going to be minimal. The visual change is this: every new session is visually distinct. It will have a different colour (from purple to orange, blue, green, etc.) and also a little number to further distinguish it from each other. Everything else remains exactly the same.
Possible timeline
Phase 1:
- Hide Private Session behind a pref.
- Pref. off by default except on Nightly and Aurora
- No user-facing interface. No colour coding.
- Blog about it on Hacks blog. Firefox is the only browser that does this. It’s going to help web developers and make it possible for users to sign into one site with multiple accounts.
- Measure and observe user behaviour. See how developers and early adopters use it.
Phase 2:
- Enable pref. for everybody
- Deploy user-facing component (colour coding)
- Tutorials on Private Session start page
- Tutorials on SUMO
- Measure and observe user behaviour
- How many sessions do a user typically open? How many tabs and windows per session?
- Do they use it to sign into the same site and keep it open for a long time?
Phase 3:
- Based on user research, decide whether it’s worth it to turn this feature into containers, or to stick with designing multiple profiles instead.
- Based on user research, design containers around use cases.
Related Work
- Security/Anonymous_Browsing has a list of use cases which require better isolation between sites.
- Google Chrome’s Issue 24690: All incognito windows share the same cookie jar