Identity/PiCL/Engineering Meeting Notes

From MozillaWiki
< Identity‎ | PiCL
Jump to: navigation, search

An archive of notes from PiCL Engineering Coordination meetings.

  • Meetings take place each Monday and Thursday at 4 PM, PDT
    • Vidyo: Identity
    • SF: Noise Pop
    • MV: CYA

IRC: #picl

2013-11-11

Next engineering meeting : PiCL Engineering Coordination Etherpad

2013-11-07

Agenda
  • Action item followup:
    • Naming proposal
      • fxa-auth-server
      • fxa-content-server
      • fxa-js-client
      • fxa-scrypt-helper
      • New irc channel: #fxa
    • /raw password info added to picl-idp/docs/api.md
    • Re: /recovery_email/status polling, we'll stick with polling for now, but we may need to pivot on this after Jed et al. have a working system
  • Should we try to disguise the fact whether a user has a FxAccount?
    • e.g., should a login with an unknown username return "unknown username" or "unknown username or password"
    • Should affect only our unauthenticated endpoints
    • Could provide some defense against remote automated guessing attacks
    • Worse user error messaging
    • Our UX designer thinks we should do this
    • Would need to be careful about timing attacks in our APIs
    • This change might be hard to introduce in the future w/o reving API
    • https://github.com/mozilla/picl-idp/issues/134
Action items
  • warner will own renaming the repos, target end of next week
  • assertion format, and do we need our own verification server?
  • kparlante will talk to benson re: metrics servers to be added to ops things
  • need to followup on PoW
Weekly goals and updates
  • [nalexander] on EST so missing check-in :(
    • update: no update :( I have been 100% on mobile/android build stuff last 1.5 weeks. Expected to work on FxA stuff pre-TO but didn't. Might miss check-in Monday, but will definitely be at check-in Thursday next.
  • rfkelly:
  • Jbonacci: lots of stuff
    • Load testing of picl-idp
    • ELM builds
    • Unit testing
    • Reworking Test Plan
    • Review/track UX/UI changes
    • QA Demo planning
    • AddOns Registration test planning
    • Presence POC/Demo test planning
    • Circus documentation
    • Heka 0.4.0's new dashboard
  • warner: finished rewrite of FxAccounts.jsm, unit tests pass, manual integration fails due to recent picl-idp protocol change. Hoping to finish by EOD. Will be OOO fri-tues.
  • zaach:
    • keeping picl-gherkin up to speed with picl-idp
    • initial api endpoints being implemented in the new gherkin/fxa-js-client
    • continuing work with warner on FxAccountsClient.jsm/HAWK.jsm
  • dcoates:
    • "hardening" the /certificate/sign endpoint
    • chilts now working on mysql
  • vladikoff:
  • kparlante
  • chilts
  • edwong
    • kicked off conversation about Content Server and B2G client testing
    • talked framework choices, travis, saucelab

2013-11-04

Agenda
  • github repo purge/triage/sunset
  • Q4 triage
  • Re: repo naming: descriptive naming vs short naming
    • Github: "Great repository names are short and memorable."
    • uh huh. github recommended "furry-cyril" for my last project.
      • Good suggestion!
  • What does rfkelly want to see in a formalization about the /raw_password API?
    • why is it here, and what the its plan, motivation
  • Ops meeting summary
  • Followup on action items
    • [ckarlof] Re: password reset. Still need to nail down, but currently sticking with links for email verification and codes for password reset
Action items
  • think about repo renaming: "fxa-*"
Weekly goals and updates
  • jbonacci: Continue working along two lines:
    • Load testing - working with rfkelly on updates/changes for deploy and test of load environment
    • ELM testing - desktop and android
    • In addition, I am tracking other services projects: presence, addon registration, heka
  • warner:
    • Found crypto problem with moar_native approach (base64-vs-base64url), got signed certs (but not server tokens) for dev server. Now cleaning up next higher layer.
    • yvan is looking at PoW proposal, thinks we probably *should* include it in v1, will report back early this week
  • zaach:
    • updating picl-gherkin (the browserified library) to reflect latest picl-idp changes
    • working with vlad on new gherkin library
    • make sure desktop/fxos client is ready
  • vladikoff:
  • rfkelly
    • complete token refactoring, including visible API change

2013-10-31

Agenda
  • Write in your updates
  • Followup on action items
  • MySQL implementation landed
  • Attended the "presence" working group meeting: https://etherpad.mozilla.org/presence-meeting They are a potential "customer".
  • Starting to land some shared FxA components (w/ FxOS) on m-c (Hawk, FxA clients, etc)
  • Change the irc channel, this meeting name, github repos etc from "picl" to "firefox accounts"?
  • Proof-of-work/throttling
Action items
  • [ckarlof] Revisit password reset flow
  • [ckarlof] Write more info on /raw_password api
  • [jbonacci] Get awsboxen updates and more detailed deploy notes from Ryan K
  • [tauni] Is Noise Pop on the meeting invite and if not please add it.
    • yes, always has been and CYA in MV is still reserved it is located under optional that is the only way (in zimbra) to reserve multiple conference rooms :)
    • ok, gene didn't see it and was asking. ok cool.
  • [ckarlof] figure out what our new name is
  • [warner] talk to Yvan about PoW/DoS defenses, how other moz projects handle it, how much energy should we put into it
Weekly Goals/Updates
  • jbonacci:
    • walking my way through the update repos. Running unit tests, filing bugs, etc.
    • Also trying to figure out changes to picl-idp load tests and using awsboxen to deploy the load test environment
      • going to attempt localhost load test for now - Mac or RHEL or AWS
  • dcoates
    • landed MySQL
  • warner: confirmed keys are being generated correctly (it was a testing artifact that I saw, not a realy problem). Now implementing unit tests of the key/assertion creation routines. Still need to do a real-server integration test, not sure how to automate that.
  • vladikoff

2013-10-28

Agenda

  • We need to talk about gherkin...
  • ETA on MySQL

Actions Items:

  • [ckarlof] figure out password reset flow
    • formalize /raw_password api (motivation, roadmap)
    • socialize high level architecture of FxAccounts
    • figure out of this should be split into two meetings
  • warner: really finish FxAccounts.jsm signCertificate (it's close), make a plan for landing it, work with zaach to land some parts of it early (directly to m-c, to support FxOS). Investigate native support for scrypt/PBKDF2.
  • dcoates:
  • zaach:
    • write a "gherkin" for native (desktop, FxOS)
  • jgruen and rfeeley: please advertise "Android UX sprint for November 6-8 in TO" and follow-up with Dev and QA in terms of needs/reqs
  • Get jgruen and rfeeley added to this meeting
  • Get same two people to update https://wiki.mozilla.org/Identity/UX

Weekly Goals/Updates

  • jbonacci: Trying to assemble some easily-digestible information for the Mozilla QA team.
  • dcoates: land DB API including MySQL
  • rfkelly:
    • review danny's MySQL schema, get it landed ASAP
    • had a crack at implementing server-sent-events
    • PTO thursday/friday this week
  • nalexander: reviews for several tickets back; starting to turn around re-reviews and land appropriate pieces
    • first try builds of native C pbkdf2_sha256 + scrypt
    • arranging Android UX sprint for November 6-8 in TO
      • jgruen will be supporting UX from Identity for Android -- he is invited up, although this was short notice so it might just be rfeeley, me, and a little ibarlow

2013-10-24

Agenda

Action Items:

  • [ckarlof] Talk to John Gruen about email verification
  • [warner, nalexander] review rfkelly's API unification proposal

Weekly Goals/Updates

2013-10-21

Agenda

Weekly Goals:

  • jbonacci: just review some Resolved Bugzilla bugs related to FAB
  • dcoates: merge new database abstraction layer
  • warner: finish jelly->donut transition for signed-certificate/assertion w/ttaubert
  • rfkelly: finish API doc update, and make the corresponding changes in the code
    • API version number
    • more detailed error codes
    • fix derivation of some keys

Updates

  • nalexander:
  • jbonacci: splitting my time between FxA and AddOns Registration
    • I could use an updated ELM build for FxA testing, although 10/19/2013 might be the most recent for our changes?
    • Either way, will be watching for errors based on changes made to the Dev environment during client work week (last week)
  • dcoates:
    • met with benbangert about cassandra
    • schema structure - denormalize like crazy
    • multiple writes on updates is better
    • prefer single read per api request
    • meeting about database backend
    • v1 mysql
    • experimented with getting a sessionToken with a persona assertion
  • rfkelly:
    • another ubuntu release, another failed update, another day restoring from backups... :-(
    • docs PR, will revisit with feedback from @warner

2013-10-17

Agenda

Updates

  • jbonacci: working on Q4 goals (ideas for), working up Test Plan changes, working on ELM builds for Desktop
    • Also going to be helping Alexis with AddOns Reg basic QA stuff
  • nalexander: some progress towards Sync with FxA accounts
    • journal of negative results: I tried a straight port of the existing Sync 1.1 code to the new auth front end; it gets pretty gnarly due to assumptions about node assignment in the existing code. (Specifically, GlobalSession and EnsureClusterURLStage.)
    • I built support for the four key datatypes instead.
    • ACTION ITEM: Push try build for James!
    • try testtestd@mockmyid.com/testtestd
    • I think there should be at least one bookmark in there :)
  • rfkelly:
    • agitating on bugs, spec and design issues
    • working on docs+spec update, PR by end of day
  • dcoates
    • altered fxa database strategy


2013-10-14

Agenda

  • Desktop/FxA work week
  • q4 goals
  • weekly goals
    • rfkelly:
      • spec review/audit/bug-closing for picl-idp
      • assist with backend refactor landing
        • and maybe an sql implementation if it all goes really well :-)
    • jbonacci: I have 6 (or more) bugs to review (marked Resolved/Fixed) (and mostly Desktop)
    • dcoates: cassandra backend PR https//github.com/mozilla/picl-idp/issues/184
    • zaach:
      • land more patches on elm toward the Milestone 1 goal

Updates:

  • jbonacci: banging on FFos, VM updates, walking through a short list of Bug fixes for picl-idp, etc.

2013-10-08

  • Post summit. Likely nothing.

2013-09-30

Agenda

Updates

  • jbonacci: just focusing on end of Q3 stuff this week, prepping for Summit
  • spenrose: updated https://bugzilla.mozilla.org/show_bug.cgi?id=911378 w/ responses to rnewman; read to push patch for review modulo final comments
  • rfkelly
    • work on pushing some loads changes upstream; not finished yet
    • general travel prep
  • nalexander
    • Landed Bug 799732 (tokenserver client) and Bug 799734 (browserid gubbins)
    • First demo syncing against FxAccount working locally
  • warner: mostly fighting persona secbugs

2013-09-26

Agenda:

Updates:

  • rfkelly
    • auto-update dev deploy for FAB and scrypt-helper
    • Q3 summary report of loadtesting progress
    • ~2000 requests per second so far, with enough webheads!
  • nalexander
    • posted Q3 status report to sync-dev
  • spenrose
    • patch for 911378 coming Any Hour Now
  • zaach
  • jbonacci
    • last week made excellent progress on load testing
    • this week I seemed to have broken everything
    • Working on ideas for deploying rhel/ubuntu AWS instances as loads clients to run the actual load tests rather than using my Mac
    • Handed off client api testing to jrgm. I will still be leading the FF testing of FA and sync on desktop/android (FFos TBD)
  • vlad

2013-09-23

Agenda:

Updates:

  • jbonacci:
    • Still finishing up some bug verifications on IdP and SH.
    • Localhost vs. remote host is driving me crazy
    • Focus shifting to load tests, logging, monitoring for the remainder of Q3
  • rfkelly:
    • ramping up loadtests to produce some nicer-sounding results for end-of-Q3 report
    • polishing off dev logging/monitoring situation
  • warner: help get new node-srp used, help node-scrypt get updated, give scrypt-helper some quality time, add reset-password tests to picl demo-client.py
  • spenrose
    • Ready to implement re-re-re-design of 911378 once I can get elm accepting patches.
  • zaach
    • elm tree fixed!
    • 909967 r=gavin once nits are fixed
  • dcoates
    • implementing cassandra backend
    • have been off my game last couple weeks
    • making better progress now
  • nalexander
    • working on token server client and browser id pieces (since we need to generate tokens), patch almost ready for r?
    • next week: landing token server client, browser id pieces, picl-idp client

2013-09-19

Agenda:

  • I made an effort this week to address QA-related issues. How are we doing?
    • picl-idp unit/functional is testable - Rounds 1 and 2 completed
    • node-srp unit/functional is testable- Rounds 1 and 2 completed
    • firefox-account-bridge unit/functional is testable- Rounds 1 and 2 completed
    • picl-gherkin unit/functional is testable- Rounds 1 and 2 completed
    • scrypt-helper unit/functional/server should now be testable. Needs another round
  • Discuss (honest) progress towards Q3 goals. Where are we falling short?
    • Authentication Server for "PiCL" Production ready
      • We will deploy and document the server infrastructure to support email & password based authentication for "PiCL" - and to handle data encryption requiments for the product, we will work with client teams to confirm what we deliver is what they need. - Specs would be nice. It's hard to translate user stories into an MRD/PRD in my mind
      • Two clients written by two different teams against the API
        • Who are they people, what are they building, what is their schedule/status
          • desktop - zach
          • android - nick
        • Is the client side a requirement for Q3
      • REST versioning strategy tersely documented and implemented
        • Issue on IdP
        • Issue on scrypt-helper
        • Need to create issue on FAB
        • let's do it URL
        • action: do this before the end of the month
      • multi-region deployment
        • multi region cassandra deployment and load test in q4
        • coordinate with jared and gene in persona deployment of Persona
      • more scalable and security aware architecture
      • final database selected and deployed
        • Cassandra unless we encounter problems; depends on multi-region load test results
      • security review complete
        • need to do in Q4 after this stabilizes more
      • load tests
        • using "loads"
        • deployment of a loading testing cluster
        • deployment of a cluster of client machines
        • haven't successfully load tested the load we are targeting
        • need to crank up keysigning
        • action: rfk: produce load testing results
      • monitoring implemented
        • Heka routes data to log console in load test cluster
      • health dashboard implemented
        • Kibana for log searching
        • Q4 figure out general system health dashboard, preferably on to of Heka aggregated data
      • deployment strategy figured out (ideally rolling, if not, at least < 1 minute downtime)
        • will follow standard Mozilla Services deployment procedures
          • server must be capable of running versions N and N+1 side-by-side
          • good case: roll out new AMIs side-by-side with old ones, check for proper functioning, kill old AMIs
          • base case: drain traffic from a region, update region, re-enable.
        • Meeting #1 was this week with Gene - there is a lot of work to do here
      • Where are we with the arch for all of this - esp the relationship between IdP, FAB, SH and how will this look in FF vs. FxOS for example
      • Easier Sign up flows for "PiCL" Landed
        • We will land simplified sign-up for Sync/PiCL in Firefox for Android, and Firefox for Desktop. This is a heavily shared goal.
        • What are the minimum requirements for this flow? Same as for Persona or a subset of Persona? What about bridging? localization? compatibility with mozilla-idp? Simplest approach will be m1 (some email/string + a password)
  • Useful weekly REF for comparison: https://id.etherpad.mozilla.org/picl-product-coordination

Action Items:

  • A full-on arch diagram would be nice. We are so good at this for UX/UI, let's do it from an engr-perspective for FxA (or FA or whatever this is acronymed going forward)

Updates:

  • jbonacci:
    • Finishing up on the first few rounds of unit/functional testing
    • Working with Ryan on IdP and SH load testing, logging, monitoring, etc
    • Still pondering ideas for the V1-M1 Test Plan to cover Q3 requirements vs. Q4 requirements vs. general V* requirements going forward
  • spenrose:
    • TDD version of 911378 patch reviewed by ckarlof, zaach in Seattle
      • observer approach to be replaced by direct handle to FxAService
      • complete but fairly straightforward rewrite due next
  • warner: updated protocol with nalexander's suggestions, fixing up scrypt-helper
  • zaach:
    • subimitted new patch for 909967
    • refreshing other desktop patches

2013-09-16

Agenda:

  • Team is hacking away in Seattle this week

Updates:

  • jbonacci:
    • Continuing my work on installaing/configuring/testing the 3 main services: IDP, FAB, SH
    • Working through Ryan's load tests configs for IDP and FAB

2013-09-12

Agenda:

  • questions about reorg
  • lloyd is working on drafting our plan for the role of Persona in FxA

Action Items:

  • James needs us to fix bugs filed in github against scrypt-helper and picl-idp fx-account-bridge, failing tests
  • Nick is concerned about Persona on Fennec. He's thought about it a lot and would be a good resource on this.

Updates:


2013-09-09

Agenda: 2013-09-09 Agenda:

  • node-srp blog post?
  • Cassandra load testing blog post?
  • status updates

Updates:

  • nalexander:
  • jbonacci:
    • Finished first round of UI/UX testing (FAB/Gherkin stuff)
    • Working through some functional/unit tests on various repos
    • TBD: Look over vlad's stuff (client automation) and of course, there is load testing...
  • warner:
    • initial HAWK-in-moz patch ready for review (911384)
    • need to update keyserver-API spec to return uid during login
  • rfkelly:
    • scrypt-helper loadtest:
    • 2 x m1.large machines = ~4ops per second
    • some 500 Server Error, with no log output, need to dig into that today...
  • zaach:
    • taking in feedback on desktop client patches, refactoring
  • spenrose: Thanks to zaach and ckarlof getting traction on 911378
    • also getting up to speed on FxOS FTUnode-srp blog post?
    • Cassandra load testing blog post?
    • status updates

Updates:

  • nalexander:
  • jbonacci:
    • Finished first round of UI/UX testing (FAB/Gherkin stuff)
    • Working through some functional/unit tests on various repos
    • TBD: Look over vlad's stuff (client automation)and of course, there is load testing...
  • warner:
    • initial HAWK-in-moz patch ready for review (911384)
    • need to update keyserver-API spec to return uid during login
  • rfkelly:
    • scrypt-helper loadtest:
    • 2 x m1.large machines = ~4ops per second
    • some 500 Server Error, with no log output, need to dig into that today...
  • zaach:
    • taking in feedback on desktop client patches, refactoring
  • spenrose:
    • Thanks to zaach and ckarlof getting traction on 911378
    • also getting up to speed on FxOS FTU


2013-09-05

Agenda:

  • Lots of code for review:
  • 909967: Firefox Account Signed-in User module
  • 910844: Allow Firefox Accounts jelly to check signed-in status and to sign out
  • 910479: Store user credentials after Firefox Account creation/log in
  • 912188: FxAccount module should use a BrowserID assertion to retrieve and persist token from Sync 2.0 token server
  • 913199: Use HTTPS for FxAccounts server URL
  • Datatype election decision for MVP
  • No choices for MVP; better messaging for value prop and what data is synced

Notes:

Updates:

  • jbonacci:
    • Spending some time this week banging on the UI/UX flow and functionality covered in Bug 904612. Ryan K, Chris, and I ended up filing various issues based on my testing.
    • Spending some time this week unit/functional testing the 3 services: IdP, FAB, scrypt-helper.
    • Continuing work with Ryan on deployments, API testing ideas, and load testing for the 3 services
    • Separately - I am hammering out some Heka documentation for QA
  • dcoates
    • rejiggering the db layer for Cassandra
  • spenrose
    • Thanks to zaach and jedp able to do gaia dev on device
    • started on 911378
  • rnewman:
  • nalexander:
  • rfkelly:
    • switching on SSL certificates was not as easy as expected :-/
    • this week: loadtests run against scrypt-helper
  • zaach:
  • warner:
    • updated node-srp API, will make a new release probably tomorrow, then help update picl-idp to use it. Maybe blog about it next week.


2013-08-29

Agenda:

https://bugzilla.mozilla.org/show_bug.cgi?id=907415 Stuff Crystal wants to hear about? Stuff Crystal doesn't want to hear about:

  • Multi-region deployment?
   * this is on rfkelly's schedule for week ending Sep 13
  • Final DB selected?
  • Devops resources (Sent email to Mark, Lloyd). Maybe it will be Gene.
  • Status updates

Updates:


2013-08-26

Topics for discussion:

  • Get #904612 landed in elm
  • 1 month left in Q3. Q3 goal is that FA server is "production ready". Where we at with deployment planning and QA?
  • Status updates and weekly goals
  • Milestone 1 updates
    • First cut at Jelly auth code nearly landed in Fx (#904612, Zach, Vlad, Gavin, Tim). Includes password stretching and key retrieval. Next: produce a long-lived assertion for user.
    • Sam starting to work on talking to Sync 2.0 token server in Fx with long-lived assertion t(#907415)

Notes:

  • Still need resources from SvcOps (followup with Mark, Lloyd)

Updates:

  • rnewman:
    • Some progress on native scrypt benchmarking; shouldn't be far from being able to ship if we need it (along with native pbkdf2 on Android).
    • Working on deprecation indicator.
    • Raising hell on the mailing list.
    • After that, will start on meta server client and spec.
  • Zach
  • rfkelly:
  • warner:
    • fixing node-srp so we can use the upstream version
    • add (manual) (python) test code to exercise forgot-password flow
  • dcoates:

2013-08-22

Topics for discussion:

  • Hey, meet the new guy!
  • Pace of landing bugs, ownership moving forward

Notes:

  • jbonacci - Where can I get a run through of all the FxA mocks (UI flows), especially the second set that is "yet to be"?
  • jbonacci - will work with Zach next week to diagram this whole FxA stack with pictures!

Updates:

  • nalexander: https://wiki.mozilla.org/Mobile/Notes/21-Aug-2013#nalexander
  • rnewman:
  • jbonacci:
    • Working with the EU team on getting Loads for FxA and for Sync backend (new Sync)
    • Working with Dev and OPs to define process for standing up/supporting Stage environments for testing
    • Continuous updates to Test Plan for new Sync
    • Going over some of rfkelly's wiki pages
    • Plans next week to look at Loads with FxA (with rfkelly)
    • Tracking mocks changes with Crystal and John (flow #2)
  • dcoates:
    • fixed simplesmtp and verification tests
    • started on makefile and remote testing
  • rfkelly:
    • working with Rob on heka integration for dev and stageish environment
    • should have loadtest env ready for load by EOD
  • zaach:
    • email templates and verification page are done
    • fab server (static content for fxa) has been deployed to accounts.dev.lcip.org

2013-08-19

Topics for discussion:

Notes:

  • Action item is to file bugs to get us talking to the servers Ryan has set up
  • Action item is to script updates to Dev IdP from successful builds to master
  • 16-20 sept :: mobile team in Toronto

Updates:

2013-08-15

Topics for discussion:

  • Thank you nalexander for getting the bug tree generated and sent to the list
  • Lloyd met with Gavin S & Tim T to discuss workflow with desktop team
    • Tim & Lloyd are working on the bug tree list applicable for desktop - more to info to come from them tomorrow
  • stage deploys for FA servers
  • dev deploy for accounts.dev.lcip.org?
  • High level plan for Milestone 1 (non-shippable FA + Sync 1.1 in Nightly)
    • Sync 2.0 token server (BrowserId -> token)
    • Patch Sync 1.1 server to accept these tokens
    • Patch Sync 1.1 to use Sync 2.0 token server
    • Fx Desktop: Login to FA server in jelly about:accounts
    • Fx Android:
      • build content version for login first
      • later: native login experience
    • Use kB as the "sync key" in existing Sync
      • On password reset, wipe storage servers and reset sync key with new kB
  • Needs comments: Start of a definition of success criteria for server deployment: https://wiki.mozilla.org/Identity/AttachedServices/DeploymentPlanning/TrafficModel
  • Working through service description service: https://wiki.mozilla.org/User:Rnewman/ServiceDescription

Updates:


2013-08-12

Topics for discussion:

  • Deploy latest push to master? almost ready - waiting on dcoates PR
  • Restmail (AWS) vs. SMTP on localhost
  • Running unit/functional/integration against a remote server (env var vs. makefile)
  • useful for code coverage
  • Code coverage, generally - would be good to have it
  • True native UI vs Persona UI
  • Deployment - success criteria
    • rfkelly to write something up and send it out to sync-dev for a very quick review - some hybrid value between Persona and Sync*10
  • Account Service - keeping under control, setting a high bar
    • The possibility of a separate device server

Notes:

  • nalexander needs a desktop ticket ref from ckarlof
  • Comments needed on rfkelly's proposal

Updates:

  • jbonacci: More of the same - digging into picl-idp and all the supported/dependent repos. Some progress made on Loads. Some work on Heka v0.4.0
  • dcoates:
    • test case for email verification
    • beginning implemention of forgot password
  • rfkelly:
    • basic dev deployments for scrypt and idp
    • starting serious attempt at loads.js + picl-idp integration
    • get ball rolling on "deployment success criteria" discussion
  • zaach:
    • adding scrypt step to client
    • integrating client with mocks

2013-08-08

Topics for discussion:

  • Idea: Fx Account page delivered from the web
  • Sync 2.0 server experiments

https://hg.mozilla.org/services/services-central/file/0608a3b4c9d9/services/common/storageservice.js Notes:

  • FYI - Tauni attending TRIBE workshop

Updates:

2013-08-05

Topics for discussion:

Notes:

Updates:

  • jbonacci:
    • All PiCL-IdP, all the time (well ok, except when I am looking at Loads and Heka)
    • Working on the update to my original test planning document (which is now public)
  • rfkelly:
    • got AWS SES up and running, testing it with a full awsbox deployment now
    • started hacking on automated deployer, using browserid_deployer for inspiration
  • zaach
    • meeting with jedp + skinny tomorrow to discuss first sign-in on fxos
  • dcoates
    • updated node-srp
    • implementing next api changes

2013-08-01

Topics for discussion:

  • possibly break this meeting out will decide on Monday

Notes:

Updates:

2013-07-29

Topics for discussion:

Notes:

  • Tauni to set up time to meet with Chris initially, but will be working with everyone on defining work moving forward
  • Set up a Mozila Central twig for us to work off of

Updates:

  • jbonacci: Focused on picl-idp for most of this week. Will also be looking at updates to Loads and to Heka
  • dcoates: continuing implementation of key server
    • implemented mailer.js
    • added test cases for model classes
  • rnewman: writing up failure states (https://mobile.etherpad.mozilla.org/sync-failures ), lots of talking.
  • zaach: vetting FA api with node.js client
    • meeting with lloyd, jedp, sam to discuss sign in to device/web
  • rfkelly: rat-holed on trying to script a cassandra deploy, dissapointingly slow progress but hopefully near the end of it...

2013-07-25

Topics for discussion:

  • Results/feedback on the morning design review
    • See etherpad and long, long scrollback on #picl for 7/25

Notes:

  • New/extra attendees: David Chan, Mark Finkle, Gavin Sharp, rnewman
  • PIcl-IdP: New API is merged into Master, will get deployed by dcoates to AWS by end of week
  • ckarlof to work with gavin, rnewman on some desktop client ideas
  • Brian and Chris to dig into/evaluate Couch API

Updates:

  • jbonacci: all things picl-idp, riding the coat-tails of all the sync/picl/design/arch discussions
  • rfkelly: digging in to possibilities re: cassandra backend for picl-idp, loadtesting for picl-idp


2013-07-22

Topics for Discussion:

  • Tech review set up for Thursday, 25 July at 10 am PDT
    • may want to test the recording capability ahead of time

Notes:

  • New attendees: mmayo, mfinkle, rnewman, taras, gavin
  • Danny's Picl-IdP (matches current API) to go out this week.
  • UX/UI team to summarize results of Picl IdP/mocks user testing
  • regulatory requirements to provide a web-based account portal to delete accounts?
  • what future products/wishlist items will our auth design need to serve?

Updates:

  • jabonacci: Focus this week is on picl-idp unit/functional testing, and catching up with API changes, etc.
  • warner: initial keyserver OPEX estimate: $50k/yr for 100M users, hourly keysigning

2013-07-18

Topics for Discussion

  • Welcome rnewman to this meeting. :)
  • Brown bag
    • post-pone - at least 1 week due to technical review
  • PiCL Technical Review
    • [tauni/lloyd] set up - DONE :: scheduled 25 July

Project info:

Notes:

  • New email list! https://mail.mozilla.org/listinfo/sync-dev
  • Do we need to provide a quick FAQ differentiating 'sync' vs 'picl'?
    • Probably a good idea considering most people don't really understand either.
  • Crystal should be able to provide an update from this week's 'in-person' user testing during Monday's check-in

ACTION: everyone please review user stories https://wiki.mozilla.org/User:Dria/Firefox_Sync_User_Stories_-_July_2013

Updates

  • rfkelly:
    • talked with benson re: deployment, will start iterating on that under his advisement
    • need to sync up with zaach + danny re: data storage model
  • jbonacci:
    • Spending two days testing picl-mocks - filed a several issues.
    • After this, I am back to testing picl-idp and trying to get that working localhost --> AWS server.
    • On the side, work continues for POC of Sync and Picl load testing using Loads w/node.js support.
  • spenrose
    • crude pyramid web app takes string in URL, returns scrypt.hash()
    • initial orientation discussions re user modelling
  • zaach
    • got a ton of feedback on account creation/sign up flows from user testing
  • dcoates
    • implementing key server api(next)
    • shaves many yaks
    • should be done by Monday
Retrieved from "https://wiki.mozilla.org/index.php?title=Identity/PiCL/Engineering_Meeting_Notes&oldid=755104"