Identity/EngPlan/wVEC
Contents
- 1 Overview
- 2 Key People
- 3 Work Items
- 3.1 Web Verified Email Client (wVEC)
- 3.1.1 Integrate better PRNG Javascript library with RSA library
- 3.1.2 Core HTML VEP client implementation
- 3.1.3 UI interaction through account creation / email verification / login portion of VEP process
- 3.1.4 Create 'navigator.id' RP client wrapper and inter-window communications
- 3.1.5 Create 'navigator.id' IA client wrapper and inter-window communications
- 3.1.6 UI for displaying / selecting verified email addresses
- 3.1.7 Certificate refresh (success cases)
- 3.1.8 Certificate refresh (failure cases)
- 3.1.9 Jasmine test coverage
- 3.1.10 Documentation
- 3.1.11 External Dependencies
- 3.1.12 Security Review
- 3.1.13 Packaging and Deployment
- 3.1.14 UX design / signoff
- 3.1 Web Verified Email Client (wVEC)
- 4 Timeline
Overview
Identity Engineering plan.
This document addresses the build portions of the Identity service, including the Verified Email Protocol (VEP), Verified Email Service (VES), Web Based Verified Email Client (wVEC), Firefox Native Verified Email Client (fVEC)
Key People
| Technical Lead: | Rob Miller |
| Additional Developers: | JR Conlin, Dave Dahl |
| Project Manager: | Dan Mills |
| Product Manager: | Dan Mills |
| UX: | TBD |
Work Items
Web Verified Email Client (wVEC)
Integrate better PRNG Javascript library with RSA library
| Assigned to: | rmiller |
| Bug: | 664593 |
| Assumes/Depends On: | InfraSec sign off on all javascript crypto libraries |
| Working Estimate: | 2 days
Best case: 1 day |
The plan is to use the twu-rsa library for the RSA implementation, but to replace the ArcFour-based PRNG that it includes w/ the Fortuna-derived PRNG that comes w/ the SJCL. This will be seeded w/ entropy from the user actions and from the server.
Core HTML VEP client implementation
| Assigned to: | rmiller |
| Bug: | 664598 |
| Assumes/Depends On: | Related server components are implemented / working |
| Working Estimate: | 7 days (4 days complete, 3 days remaining)
Best case: 6 days (i.e. 2 days remaining) |
UI interaction through account creation / email verification / login portion of VEP process
| Assigned to: | rmiller |
| Bug: | 664594 |
| Assumes/Depends On: | Related server components are implemented / working |
| Working Estimate: | 2 days
Best case: 0.5 days |
| Assigned to: | rmiller |
| Bug: | 664597 |
| Assumes/Depends On: | Services and InfraSec signoff on jschannel |
| Working Estimate: | 1.5 days
Best case: 1 days |
Using jschannel to handle the inter-frame communication for now, pending review of the jschannel code by Services engineers and InfraSec.
| Assigned to: | rmiller |
| Bug: | 669455 |
| Assumes/Depends On: | Services and InfraSec signoff on jschannel |
| Working Estimate: | 1.5 days
Best case: 1 days |
Using jschannel to handle the inter-frame communication for now, pending review of the jschannel code by Services engineers and InfraSec.
UI for displaying / selecting verified email addresses
| Assigned to: | rmiller |
| Bug: | 664599 |
| Assumes/Depends On: | Related server components are implemented / working |
| Working Estimate: | 2 days
Best case: 1 day |
Certificate refresh (success cases)
| Assigned to: | rmiller |
| Bug: | 668620 |
| Assumes/Depends On: | Related server components are implemented / working |
| Working Estimate: | 4 days
Best case: 3 day |
This process has to work both with our server and also with a primary authority using the iaWrapper.js wrapper.
Certificate refresh (failure cases)
| Assigned to: | rmiller |
| Bug: | 668625 |
| Assumes/Depends On: | Related server components are implemented / working |
| Working Estimate: | 3 days
Best case: 2 days |
This process has to work both with our server and also with a primary authority using the iaWrapper.js wrapper.
Jasmine test coverage
| Assigned to: | rmiller |
| Bug: | 664601 |
| Assumes/Depends On: | |
| Working Estimate: | 5 days
Best case: 3 days |
Documentation
| Assigned to: | rmiller |
| Bug: | 664600 |
| Assumes/Depends On: | |
| Working Estimate: | 4 days
Best case: 2 days |
External Dependencies
Security Review
| Assigned to: | |
| Bug: | TBD |
| Assumes/Depends On: | requires InfraSec |
| Working Estimate: | 5 days?
Best case: |
Packaging and Deployment
| Assigned to: | |
| Bug: | TBD |
| Assumes/Depends On: | |
| Working Estimate: | 5 days?
Best case: |
UX design / signoff
| Assigned to: | |
| Bug: | TBD |
| Assumes/Depends On: | |
| Working Estimate: | '
Best case: |
Timeline
Expected Completion
Milestones
Milestone 1: Resolve client based Crypto concerns
There are several concerns regarding a javascript based crypto library. One of the larger is how the library can acquire a proper level of entropy. At this milestone, we will have resolved these issues and determined an appropriate approach to provide adequate RSA encryption.
- Associated Bugs: 664593
- Working Estimate: 4 days
- Completion Date: TBD
Milestone 2: Complete interface elements
The library needs to communicate with the server. At this milestone, the client library will be able to communicate securely to the server and the Requesting Party site.
- Associated Bugs: 664597, 664598
- Working Estimate: 6 days
- Completion Date: TBD
Milestone 3: UI Finalized
The library needs to present to the user various actionable elements. At this milestone, the client library will present those items to the user in a clear manner. NOTE: This will require working with UX and UI, which may impact deliverable date.
- Associated Bugs: 664594, 664599
- Working Estimate: 4 days
- Completion Date: TBD
Milestone 4: Wrapup
The library needs to have full test cases working, documentation, and packaged for deployment and testing At this milestone, the library will be in a beta consumer ready state. Documentation and packaging may not be finalized, but they should be at a point where an external developer can set up and use the system with no prior knowledge of the system and minimal assistance.
- Associated Bugs: 664601, 664600
- Working Estimate: 5 days
- Completion Date: TBD
