Security/Contextual Identity Project/Containers: Difference between revisions

Security/Contextual Identity Project/Containers (view source)

358 bytes removed , 31 July 2015

Description paragraph not accurate

canmove, Confirmed users

285

edits

@@ Line 6: / Line 6: @@
 [[File:Containers-side-by-side.png|900px|frameless]]
-Linux containers all share the same kernel but they have different process/networking/filesystem namespaces. Similarly, browser containers share the same [[Security/Contextual Identity Project/User Profiles|browser profile]] and process but have different cookie/storage namespaces.
+Individuals behave differently in the world when they are in different context.  The way they act at work may differ from how they act with their family.  Similarly, users have different contexts when they browser the web.  They may not want to leak their social network context with their work context.  The goal of this project is to allow users to separate these different contexts while browsing the web on Firefox.  Each context will have its own cookie jar that is segregated from other contexts.
-When a user creates a new container, the browser opens a new window that's visually different from the other ones and that window has a different appid [1]. When that window is closed, all of the data related to the container's main origin is retained, but the rest is cleared (e.g. a Facebook container will keep Facebook cookies to preserve the session, but it will clear all non-Facebook cookies to reduce tracking).
-[1] The AppID key is linked to cookie jars, local storage, indexedDB, HTTP auth cache, HTTP data cache. It is NOT linked with history, bookmarks or addons.
 ==Benefit for users==