autoconfig/ISPDB should be an official module and related Q's
lhirlimann at mozilla.com
Mon Sep 2 09:31:56 UTC 2013
On 26/08/13 22:10, Andrew Sutherland wrote:
> There doesn't appear to be a module corresponding to the ISPDB
> database entries or the helper web interface that was created. We
> should likely create one for clarity.
AFAIK the web interface is not in production but ancus standard8 might
> From the r= lines on existing commits to
> it looks like these are existing reviewers:
> - BenB
> - bwinton
> - gozer
> - sancus
Yep this is the current reviewers.
> There also seem to be some one-off reviewers that seem like it was
> indicating the owner of the service or the supplier of the config or a
> tester of the config.
> A few related questions, some of which may be answered by wiki pages
> or other existing docs that I was unable to find:
> - Is
> still the right repo? The last commit appears to have been made Sep
> 6, 2012.
Yes we are lagging behind both in reviews and comits.
> - How does the ISPDB get propagated into production?
> - What team within the Mozilla IT organization is responsible for it
> staying up? Would it make sense to transfer responsibility under
> whoever runs the Firefox OS services? Especially because Firefox OS
> devices get used around the world, my main concern would be making
> sure that we have the strongest uptime guarantee possible / the
> biggest pool of people on pager duty around the clock. I'm not aware
> of any historical problems, and maybe there is already one global
> pool. Either way, it would be great to get the autoconfig/ISPDB stuff
> listed on http://status.mozilla.com/ or what not.
I believe it is webops but I'm not sure. forwarding this properly to
get an asnwer ...
> - The attack tree for mobile Firefox OS devices that are using
> potentially suspect wi-fi and/or cellular data where it's feasible for
> attackers to set up fake cell towers is different than for
> Thunderbird. Thunderbird assumes a more trustworthy level of network
> connection. Since wide-spread DNSSEC support is unlikely in the
> immediate future, I could see us needing to re-visit how autoconfig is
> implemented for Firefox OS's e-mail client. Part of the solution
> might be to use the autoconfig server as something resembling a
> second, more trusted level of information. If your device's local
> network and the SSL-secured response from the autoconfig server agreed
> on the insecure DNS/HTTP lookups, that's reassuring data.
> We would not want to use the mozilla server as the sole source of
> truth since creating a single point of attack is a bad idea. And for
> simplicity and security audit purposes I would expect us to have the
> server still be based on a simple svn/hg/git checkout of static data
> so there's no dynamic app that could have security holes. If there is
> continued interest in still supporting self-signed certificates, it
> could also make sense for the ISPDB entries to indicate that
> self-signed certificate is known to be used and to include the exact
> Other factors are a desire to potentially include ActiveSync entries
> in the database or DNS SRV byproducts, which we previously touched on
> in the "Adding Exchange ActiveSync configs to the Mozilla ISP DB?"
> thread late last year.
> The question here is whether this use-case is different enough from
> Thunderbird's use-case that we should consider effectively forking the
> repo if we revisit the device's autoconfig setup and decide we do want
> a lot more? I think the XML schema was forward-looking enough that
> this wouldn't be required, but since Firefox OS devices exist in such
> a different world, I think it's worth raising the question, especially
> because we would likely be doing a lot of automated-but-human-skimmed
> entry creation. Also note that we may end up just installing the
> ISPDB entries on the device as a preliminary step in the future,
> albeit in a potentially more compressed representation.
[:Usul] SRE Team at Mozilla
QA Lead fof Thunderbird
More information about the tb-planning