Basic Information Section
In fiscal Q4 2019-2020 the Product Infrastructure team plans to build the basic infrastructure for push notifications for the Wikimedia product platforms (iOS, Android, and web). The initial focus of the project will be on providing push notifications for the apps.
This project is to implement a basic push notification infrastructure for the Wikimedia products (web and apps). This infrastructure will consist of two software components: (1) a set of updates to the Echo extension to handle push; and (2) a new Node.js service (mediawiki/services/push-notifications). We are requesting input on the security and privacy aspects of the system design, as well as a pre-deployment Security Readiness Review.
Do you have a project/product/program plan or documentation?
What Security Team services do you anticipate needing?
- Threat Modeling
- Security Concept Review
- Security Readiness Review
What is the 'go live' date for deployment of this project
June 30, 2020
Privacy Information Section
Will any sensitive data to be collected, stored or exposed?
- The push notifications service will manage the storage of platform-issued subscriber tokens (for apps) or subscription data blobs (for web) provided by users. These will in turn be sent along to platform-specific push services in order to identify intended message recipients.
- Message content may expose a user's identity or interests
Technical Information Section
Do related discussions exist in Phab, on wiki, or in an RFC'?
- Extension: MediaWiki, PHP, MySQL
- Service: Node.js, Cassandra
Security Readiness Review Section
An anticipatory Security Readiness Review request has already been filed: T246712: Security Readiness Review for push notifications infrastructure
- Extension: Additions to https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/extensions/Echo/
- Service: https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/services/push-notifications/
- Maintainers: Product Infrastructure
Working test environment