Status
| Application Reputation | |
| Stage | Feature Inbox |
| Status | ` |
| Release target | ` |
| Health | ` |
| Status note | ` |
{{#set:Feature name=Application Reputation
|Feature stage=Feature Inbox |Feature status=` |Feature version=` |Feature health=` |Feature status note=` }}
Team
| Product manager | ` |
| Directly Responsible Individual | ` |
| Lead engineer | Needed |
| Security lead | ` |
| Privacy lead | Needed |
| Localization lead | ` |
| Accessibility lead | ` |
| QA lead | ` |
| UX lead | Needed |
| Product marketing lead | ` |
| Operations lead | ` |
| Additional members | Bizdev needed |
{{#set:Feature product manager=`
|Feature feature manager=` |Feature lead engineer=Needed |Feature security lead=` |Feature privacy lead=Needed |Feature localization lead=` |Feature accessibility lead=` |Feature qa lead=` |Feature ux lead=Needed |Feature product marketing lead=` |Feature operations lead=` |Feature additional members=Bizdev needed }}
Open issues/risks
`
Stage 1: Definition
1. Feature overview
Bug 662819.
We warn on every application download, which causes warning fatigue and doesn't help users make good decisions. We should track the reputation of download URLs and hashes.
2. Users & use cases
Downloading popular, legitimate applications: warnings should become less severe and less redundant.
Downloading known malware or unknown applications: warnings should become more severe and clearer about the origin of the download. Perhaps more similar to the UI for installing Firefox addons (since the result is equivalent).
3. Dependencies
`
4. Requirements
- Preserve privacy as much as possible. This should only apply to downloaded applications, not documents. The URL should not be sent to Mozilla if the download is declined. Users should have the option to use this feature without contributing data to it.
Non-goals
- Virus scanning.
- Offering to sandbox untrusted native applications.
- Preventing downgrade attacks.
- Forcing application download sites to use https.
- Foist AMO-style user reviews upon application download sites.
Stage 2: Design
5. Functional specification
`
6. User experience design
`
Stage 3: Planning
7. Implementation plan
`
8. Reviews
Security review
`
Privacy review
`
Localization review
`
Accessibility
`
Quality Assurance review
`
Operations review
`
Stage 4: Development
9. Implementation
`
Stage 5: Release
10. Landing criteria
` {{#set:Feature open issues and risks=` |Feature overview=Bug 662819.
We warn on every application download, which causes warning fatigue and doesn't help users make good decisions. We should track the reputation of download URLs and hashes. |Feature users and use cases=Downloading popular, legitimate applications: warnings should become less severe and less redundant.
Downloading known malware or unknown applications: warnings should become more severe and clearer about the origin of the download. Perhaps more similar to the UI for installing Firefox addons (since the result is equivalent). |Feature dependencies=` |Feature requirements=* Preserve privacy as much as possible. This should only apply to downloaded applications, not documents. The URL should not be sent to Mozilla if the download is declined. Users should have the option to use this feature without contributing data to it. |Feature non-goals=* Virus scanning.
- Offering to sandbox untrusted native applications.
- Preventing downgrade attacks.
- Forcing application download sites to use https.
- Foist AMO-style user reviews upon application download sites.
|Feature functional spec=` |Feature ux design=` |Feature implementation plan=` |Feature security review=` |Feature privacy review=` |Feature localization review=` |Feature accessibility review=` |Feature qa review=` |Feature operations review=` |Feature implementation notes=` |Feature landing criteria=` }}
Feature details
| Priority | Unprioritized |
| Rank | 999 |
| Theme / Goal | ` |
| Roadmap | Security |
| Secondary roadmap | ` |
| Feature list | ` |
| Project | ` |
| Engineering team | ` |
{{#set:Feature priority=Unprioritized
|Feature rank=999 |Feature theme=` |Feature roadmap=Security |Feature secondary roadmap=` |Feature list=` |Feature project=` |Feature engineering team=` }}
Team status notes
| status | notes | |
| Products | ` | ` |
| Engineering | ` | ` |
| Security | ` | ` |
| Privacy | ` | ` |
| Localization | ` | ` |
| Accessibility | ` | ` |
| Quality assurance | ` | ` |
| User experience | ` | ` |
| Product marketing | ` | ` |
| Operations | ` | ` |
{{#set:Feature products status=`
|Feature products notes=` |Feature engineering status=` |Feature engineering notes=` |Feature security status=` |Feature security health=` |Feature security notes=` |Feature privacy status=` |Feature privacy notes=` |Feature localization status=` |Feature localization notes=` |Feature accessibility status=` |Feature accessibility notes=` |Feature qa status=` |Feature qa notes=` |Feature ux status=` |Feature ux notes=` |Feature product marketing status=` |Feature product marketing notes=` |Feature operations status=` |Feature operations notes=` }}