Closed
Bug 744955
Opened 12 years ago
Closed 11 years ago
Security Review for TB: Modern Address Book - V1
Categories
(mozilla.org :: Security Assurance: Review Request, task)
mozilla.org
Security Assurance: Review Request
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: curtisk, Assigned: amuntner)
References
()
Details
(Whiteboard: [pending secreview][start yyyy-mm-dd][target yyyy-mm-dd][score:0:Low])
Who is/are the point of contact(s) for this review? Please provide a short description of the feature / application (e.g. problem solved, use cases, etc.): Please provide links to additional information (e.g. feature page, wiki) if available and not yet included in feature description: Does this request block another bug? If so, please indicate the bug number This review will be scheduled amongst other requested reviews. What is the urgency or needed completion date of this review? Please answer the following few questions: (Note: If you are asked to describe anything, 1-2 sentences shall suffice.) Does this feature or code change affect Firefox, Thunderbird or any product or service the Mozilla ships to end users? Are there any portions of the project that interact with 3rd party services? Will your application/service collect user data? If so, please describe If you feel something is missing here or you would like to provide other kind of feedback, feel free to do so here (no limits on size): Desired Date of review (if known from https://mail.mozilla.com/home/ckoenig@mozilla.com/Security%20Review.html) and whom to invite.
Comment 1•12 years ago
|
||
Hey Curtis. (In reply to Curtis Koenig [:curtisk] from comment #0) > Who is/are the point of contact(s) for this review? I am. > > Please provide a short description of the feature / application (e.g. > problem solved, use cases, etc.): At this point, the feature is still in the design / definition state (see https://wiki.mozilla.org/Features/Thunderbird). The general idea is to replace the current Thunderbird address book with one that's more useful (ie, it allows multiple email addresses, multiple phone numbers, etc). > > Please provide links to additional information (e.g. feature page, wiki) if > available and not yet included in feature description: N/a. So reading through the rest of your comment, it looks like you want to do security review on this feature...but the feature hasn't been defined yet. Especially with the drive to the k9o event, some interesting initiatives have sprung up in the b2g project that might contribute to this one, but we're still doing our preliminary investigations. The feature page will almost certainly be overhauled once those investigations have been completed. Perhaps we can postpone the security review until after all of that work is completed? -Mike
Reporter | ||
Comment 2•12 years ago
|
||
Yes, it is fine to postpone, when the feature reaches or nears design complete state that is a good time for us to do a review.
Reporter | ||
Updated•12 years ago
|
Assignee: nobody → curtisk
Whiteboard: [pending secreview] → [pending secreview][triaged waiting]
Reporter | ||
Updated•12 years ago
|
Assignee: curtisk → amuntner
Status: NEW → ASSIGNED
Whiteboard: [pending secreview][triaged waiting] → [pending secreview][start yyyy-mm-dd][target yyyy-mm-dd]
Updated•12 years ago
|
Summary: TB: Modern Address Book - V1 → Security Review for TB: Modern Address Book - V1
Comment 3•12 years ago
|
||
Curtis, in case the new summary (starting with "Security Review for...") breaks your naming patterns, then please add [Security review] at the *end* of the summary, so that it's clear from search results that this bug is not about the TB feature "new AB" as such, but only about the sec-review. Having "Security Review" in the title will be in your best interest, to prevent users from dropping comments here on features of the new AB. Not everybody is aware of bug components, they are not displayed on search results, and it's easy to overlook them on the bug itself if the summary explicitly features "TB".
Summary: Security Review for TB: Modern Address Book - V1 → TB: Modern Address Book - V1
Comment 4•12 years ago
|
||
Sorry for spam, BMO was playing tricks on fields again... wasn't me
Summary: TB: Modern Address Book - V1 → Security Review for TB: Modern Address Book - V1
Reporter | ||
Comment 5•12 years ago
|
||
Risk/Priority Ranking Exercise https://wiki.mozilla.org/Security/RiskRatings Priority: N/A Operational: 0 - N/A User: 0 - N/A Privacy: 0 - N/A Engineering: 2 - Normal Reputational: 0 - N/A Priority Score: 0
Whiteboard: [pending secreview][start yyyy-mm-dd][target yyyy-mm-dd] → [pending secreview][start yyyy-mm-dd][target yyyy-mm-dd][score:0::Low]
Assignee | ||
Updated•12 years ago
|
Whiteboard: [pending secreview][start yyyy-mm-dd][target yyyy-mm-dd][score:0::Low] → [pending secreview][start yyyy-mm-dd][target yyyy-mm-dd][score:0:Low]
Assignee | ||
Comment 6•11 years ago
|
||
Is this still a live initiative?
Comment 7•11 years ago
|
||
Thanks for pinging this. The initiative is being developed as an add-on for now at https://github.com/mikeconley/thunderbird-ensemble. The hope is to eventually merge the work into core - we'd likely want to do a proper security audit before that time. But as for now, I think it's safe to remove this job from your queue.
Reporter | ||
Updated•11 years ago
|
Flags: needinfo?(mconley)
Reporter | ||
Updated•11 years ago
|
Flags: needinfo?(mconley)
Assignee | ||
Comment 8•11 years ago
|
||
Thanks Mike
Assignee | ||
Updated•11 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•