Privacy/Reviews/Firefox Home
Document Overview
Feature/Product: Firefox Home
Projected Feature Freeze Date: (tbd)
Product Champions: (your name here)
Privacy Champions: Sid Stamm
Security Contact: Michael Coates
Document State: [NEW]
Timeline:
Architectural Overview: 27-April-2011 (crypto proxy); TBD (home server)
Recommendation Meeting: (date TBD)
Wrap-up Meeting: (if necessary)
Architecture
In this section, the product's architecture is described. Any individual components or actors are identified, their "knowledge" or what data they store is identified, and data flow between components and external entities is described.
The main objective of this feature/product is: (describe the goals of the feature/product here)
Design Documents: Link to any design or architectural documents here.
Feature Pages: Home/Features/crypto/proxy
Components
Describe any major components in the system and how they interact. Also include any third-party APIs (those Mozilla does not control) and what type of data is sent or received via those APIs.
Crypto Proxy
This component connects to the user's Sync account and, acting as a sync client, serves as a proxy that decrypts the user's data. See Home/Features/crypto/proxy.
The tables below simply summarize the data encountered by this component.
Stored Data:
What | Where |
---|---|
usernames + sync auth tokens (for accessing users' data) | server's db? |
Communication with Sync Client (Firefox)
Direction | Message | Data | Notes |
---|---|---|---|
In: | createAccount() | username | Called by sync client when users elect to enable web access |
Out: | createAccount() return | access token | token for obtaining user's key for tab/bookmark/history collections sent to sync client (given to home) |
Communication with Sync Server
Direction | Message | Data | Notes |
---|---|---|---|
In: | sync() return | encrypted tabs/bookmarks/history | Called to get access to user's sync data |
Out: | sync() call | access token + username | Called to obtain access to encrypted data (which will be decrypted and sent to Home Server) |
Communication with Home Server
Direction | Message | Data | Notes |
---|---|---|---|
In: | sync() call | username + access token | called by home to obtain user's sync data |
Out: | sync() return | decrypted data | user's unencrypted sync data |
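The tables above list what each component sends, receives and stores; the knowledge question raised in the Architecture section (which party can see what) follows from them. The model below is an added example, not code from the page or from the Firefox Home project: it encodes the Crypto Proxy flows as data and derives each component's knowledge and which components ever hold plaintext or credentials. The Sync Client to Home Server token hand-off is an assumption inferred from the "(given to home)" note in the createAccount() row.

```python
from collections import defaultdict
from dataclasses import dataclass

# Constructed data-flow model of the Crypto Proxy tables. Component names
# and data labels come from those tables; the Sync Client -> Home Server
# hand-off is assumed from the note "sent to sync client (given to home)".


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    message: str
    data: frozenset


FLOWS = (
    Flow("Sync Client", "Crypto Proxy", "createAccount()", frozenset({"username"})),
    Flow("Crypto Proxy", "Sync Client", "createAccount() return", frozenset({"access token"})),
    Flow("Sync Client", "Home Server", "token hand-off (assumed)", frozenset({"access token"})),
    Flow("Home Server", "Crypto Proxy", "sync() call", frozenset({"username", "access token"})),
    Flow("Crypto Proxy", "Sync Server", "sync() call", frozenset({"username", "access token"})),
    Flow("Sync Server", "Crypto Proxy", "sync() return", frozenset({"encrypted tabs/bookmarks/history"})),
    Flow("Crypto Proxy", "Home Server", "sync() return", frozenset({"decrypted sync data"})),
)

# Stored Data table: what the proxy keeps at rest.
STORED = {"Crypto Proxy": frozenset({"username", "sync auth token"})}

PLAINTEXT = {"decrypted sync data"}
CREDENTIALS = {"username", "access token", "sync auth token"}


def knowledge(flows=FLOWS, stored=STORED):
    """Map each component to every data item it sends, receives or stores."""
    seen = defaultdict(set)
    for f in flows:
        seen[f.src].update(f.data)
        seen[f.dst].update(f.data)
    for comp, items in stored.items():
        seen[comp].update(items)
    return {c: frozenset(d) for c, d in seen.items()}


def holders(label_set, flows=FLOWS, stored=STORED):
    """Components whose knowledge intersects a sensitivity class, sorted by name."""
    return sorted(c for c, d in knowledge(flows, stored).items() if d & label_set)


if __name__ == "__main__":
    for comp, items in sorted(knowledge().items()):
        print(f"{comp:13s} {', '.join(sorted(items))}")
    print("plaintext reachable by:", holders(PLAINTEXT))
    print("credentials held by:", holders(CREDENTIALS))
```

Run as-is it shows that only the Crypto Proxy and Home Server ever handle decrypted data while the Sync Server sees ciphertext only, which is the exposure set the Limited Data principle below has to account for.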
Home Server
This component does A, B and C and interacts with component Y to do D.
The tables below simply summarize the data encountered by this component.
Stored Data:
What | Where |
---|---|
data type | where stored |
Communication with Crypto Proxy
Direction | Message | Data | Notes |
---|---|---|---|
In: | message 1 | types of data received from component Y with the message | |
Out: | message 2 | types of data sent to component Y with the message | |
Communication with Sync Server
Direction | Message | Data | Notes |
---|---|---|---|
In: | message 1 | types of data received from component Y with the message | |
Out: | message 2 | types of data sent to component Y with the message | |
User Data Risk Minimization
In this section, the privacy champion will identify areas of user data risk and recommendations for minimizing the risk.
Alignment with Privacy Operating Principles
In this section, the privacy champion will identify how the feature lines up with Mozilla's privacy operating principles.
See Also: Privacy/Roadmap_2011#Operating_Principles:
Principle: Transparency / No Surprises: (How the feature addresses this)
Recommendations: (what can be improved)
Principle: Real Choice:
Recommendations:
Principle: Sensible Defaults:
Recommendations:
Principle: Limited Data:
Recommendations:
Follow-up Tasks and tracking
What | Who | Bug | Details |
---|---|---|---|
[NEW] Initial Overview Discussion | ? | | Meeting time TBD |