autoconfig/ISPDB should be an official module and related Q's

Ludovic Hirlimann lhirlimann at mozilla.com
Mon Sep 2 09:31:56 UTC 2013


On 26/08/13 22:10, Andrew Sutherland wrote:
> There doesn't appear to be a module corresponding to the ISPDB
> database entries or the helper web interface that was created.  We
> should likely create one for clarity.
>
AFAIK the web interface is not in production but ancus standard8 might
know better.
> From the r= lines on existing commits to
> http://svn.mozilla.org/mozillamessaging.com/sites/ispdb.mozillamessaging.com/trunk/
> it looks like these are existing reviewers:
> - BenB
> - bwinton
> - gozer
> - sancus
>
Yep this is the current reviewers.
> There also seem to be some one-off reviewers that seem like it was
> indicating the owner of the service or the supplier of the config or a
> tester of the config.
>
>
> A few related questions, some of which may be answered by wiki pages
> or other existing docs that I was unable to find:
>
> - Is
> http://svn.mozilla.org/mozillamessaging.com/sites/ispdb.mozillamessaging.com/trunk/
> still the right repo?  The last commit appears to have been made Sep
> 6, 2012.
>
Yes we are lagging behind both in reviews and comits.
> - How does the ISPDB get propagated into production?
>
> - What team within the Mozilla IT organization is responsible for it
> staying up?  Would it make sense to transfer responsibility under
> whoever runs the Firefox OS services?  Especially because Firefox OS
> devices get used around the world, my main concern would be making
> sure that we have the strongest uptime guarantee possible / the
> biggest pool of people on pager duty around the clock.  I'm not aware
> of any historical problems, and maybe there is already one global
> pool.  Either way, it would be great to get the autoconfig/ISPDB stuff
> listed on http://status.mozilla.com/ or what not.
>
I believe it is webops but I'm not sure. forwarding this  properly to
get an asnwer ...
> - The attack tree for mobile Firefox OS devices that are using
> potentially suspect wi-fi and/or cellular data where it's feasible for
> attackers to set up fake cell towers is different than for
> Thunderbird.  Thunderbird assumes a more trustworthy level of network
> connection.  Since wide-spread DNSSEC support is unlikely in the
> immediate future, I could see us needing to re-visit how autoconfig is
> implemented for Firefox OS's e-mail client.  Part of the solution
> might be to use the autoconfig server as something resembling a
> second, more trusted level of information.  If your device's local
> network and the SSL-secured response from the autoconfig server agreed
> on the insecure DNS/HTTP lookups, that's reassuring data.
>
> We would not want to use the mozilla server as the sole source of
> truth since creating a single point of attack is a bad idea.  And for
> simplicity and security audit purposes I would expect us to have the
> server still be based on a simple svn/hg/git checkout of static data
> so there's no dynamic app that could have security holes.  If there is
> continued interest in still supporting self-signed certificates, it
> could also make sense for the ISPDB entries to indicate that
> self-signed certificate is known to be used and to include the exact
> key/fingerprint.
>
> Other factors are a desire to potentially include ActiveSync entries
> in the database or DNS SRV byproducts, which we previously touched on
> in the "Adding Exchange ActiveSync configs to the Mozilla ISP DB?"
> thread late last year.
>
> The question here is whether this use-case is different enough from
> Thunderbird's use-case that we should consider effectively forking the
> repo if we revisit the device's autoconfig setup and decide we do want
> a lot more?  I think the XML schema was forward-looking enough that
> this wouldn't be required, but since Firefox OS devices exist in such
> a different world, I think it's worth raising the question, especially
> because we would likely be doing a lot of automated-but-human-skimmed
> entry creation.  Also note that we may end up just installing the
> ISPDB entries on the device as a preliminary step in the future,
> albeit in a potentially more compressed representation.
Ludo

-- 
[:Usul] SRE Team at Mozilla
QA Lead fof Thunderbird
http://sietch-tabr.tumblr.com/




More information about the tb-planning mailing list