Closed noahtalerman closed 1 year ago
From product design review on 2022-12-20
QA: Try to break it. Turn it off, turn it on, turn it off, turn it on. Is it on?
@noahtalerman, ready for you to look at https://www.figma.com/file/hdALBDsrti77QuDNSzLdkx/%F0%9F%9A%A7-Fleet-EE-(dev-ready%2C-scratchpad)?node-id=11687%3A321888
@mike-j-thomas, thanks! The changes look great. I will bring them to today's design review (morning EST).
In the figma diagrams, in the "Reset Key" modal, it looks like we are saying refetch will immediately fetch the new recovery key. However, as per https://github.com/fleetdm/fleet/issues/8708, we are no longer using osquery to get the recovery key.
Does this need to be changed to issue an MDM command to get the recovery key? Alternatively, we could just wait for it to be retrieved eventually.
@noahtalerman
Does this need to be changed to issue an MDM command to get the recovery key?
@michalnicp good point. I don't think so. I think waiting for the key to be retrieved eventually is ok. That is, if Fleet gets the key within a reasonable amount of time after the key is reset (1-2 days). Is this the case?
The "Reset key" modal solves the following problem: I want Fleet to retrieve all keys. Sometimes, for various reasons, Fleet can't retrieve the key. For Fleet to retrieve the key, the key needs to be reset.
I think this is a separate problem: After I know the end user reset the key, I want to see the recovery key.
it looks like we are saying refetch will immediately fetch the new recovery key
In the modal we communicate to the end user: "Close this window and select Refetch on your My device page. This tells your organization that you reset your key."
How do you think we should update this^ sentence to clearly communicate that refetch doesn't fetch the new key?
I see two potential options:
if Fleet gets the key within a reasonable amount of time after the key is reset (1-2 days). Is this the case?
This will be done as part of https://github.com/fleetdm/fleet/issues/8708. It is not specified in the issue yet, but I think 1 - 2 hours is a reasonable expectation.
From FileVault UX call on 2022-12-23
From the team meeting on Jan 5, 2023: we decided to use osquery to get the encrypted key that's generated when the FDERecoveryKeyEscrow payload is installed. This key is stored at /var/db/FileVaultPRK.dat and officially supported by Apple, from the docs:
If FileVault is enabled after this payload is installed on the system, the FileVault PRK is encrypted with the specified certificate, wrapped with a CMS envelope and stored at /var/db/FileVaultPRK.dat. The encrypted data is made available to the MDM server as part of the SecurityInfo command.
Alternatively, if a site uses its own administration software, it can extract the PRK from the foregoing location at any time. Because the PRK is encrypted using the certificate provided in the profile, only the author of the profile can extract the data.
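The escrow mechanism quoted from Apple's documentation above, as an added example that is not part of the original thread or Fleet's code: a local round trip with `openssl cms` in which a constructed recovery key is enveloped to a certificate and can be opened only with the matching private key. The file names, the sample key value and the DER encoding of the envelope are assumptions.

```shell
#!/bin/sh
# Added illustration: everything is constructed locally in a scratch directory;
# nothing here reads the real /var/db/FileVaultPRK.dat.

# escrow_roundtrip WORKDIR -> prints the recovered key on stdout
escrow_roundtrip() {
    dir=$1
    # Constructed sample value in the shape of a personal recovery key.
    prk='AAAA-BBBB-CCCC-DDDD-EEEE-FFFF'

    # 1. Profile author's key pair; the certificate is what the profile would carry.
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj '/CN=constructed-escrow-cert' \
        -keyout "$dir/escrow.key" -out "$dir/escrow.crt" 2>/dev/null || return 1

    # 2. Stand-in for the host side: envelope the key to the certificate (CMS).
    printf '%s' "$prk" > "$dir/prk.txt"
    openssl cms -encrypt -binary -aes-256-cbc -outform DER \
        -in "$dir/prk.txt" -out "$dir/FileVaultPRK.dat" \
        -recip "$dir/escrow.crt" || return 1

    # 3. Server side: only the holder of escrow.key can open the envelope.
    openssl cms -decrypt -inform DER -in "$dir/FileVaultPRK.dat" \
        -recip "$dir/escrow.crt" -inkey "$dir/escrow.key"
}

# wrong_key_fails WORKDIR -> returns 0 when an unrelated key pair cannot decrypt
wrong_key_fails() {
    dir=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj '/CN=constructed-other' \
        -keyout "$dir/other.key" -out "$dir/other.crt" 2>/dev/null || return 1
    ! openssl cms -decrypt -inform DER -in "$dir/FileVaultPRK.dat" \
        -recip "$dir/other.crt" -inkey "$dir/other.key" >/dev/null 2>&1
}

work=$(mktemp -d)
escrow_roundtrip "$work" && echo && wrong_key_fails "$work" && echo "other key rejected"
rm -rf "$work"
```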
Hey @mike-j-thomas can you please help me with the UI for disk encryption status? I assigned you this issue and added it to the marketing board.
Here's a link to the Figma page (screenshot below): https://www.figma.com/file/hdALBDsrti77QuDNSzLdkx/%F0%9F%9A%A7-Fleet-EE-(dev-ready%2C-scratchpad)?node-id=11687%3A321888
Here's a Loom video of me walking through the UI problem and explaining what I could use your help on: https://www.loom.com/share/5fff6fe611ed486280612c19b884b086
@mike-j-thomas I unassigned you and removed the issue from the marketing board.
Context is here in Slack (internal): https://fleetdm.slack.com/archives/C01ALP02RB5/p1673404102816089
Backend + Agent: ~13 points Frontend: ~8 points
Total: 21 points
@zhumo @roperzh @chris-mcgillicuddy after your feedback during today's product design review, I made these UI changes (screenshots below). I let Luke know that this issue is ready for engineering specs + estimation. That said, please let me know if you have any thoughts or concerns.
Here's a link to the Figma page: https://www.figma.com/file/hdALBDsrti77QuDNSzLdkx/%F0%9F%9A%A7-Fleet-EE-(dev-ready%2C-scratchpad)?node-id=11724%3A323171&t=jcN8RrQg2gWonjEh-1
Thanks Noah, LGTM
@roperzh @ghernandez345 Assigning this to the two of you to create the child issues.
Hey @roperzh @ghernandez345 updates to this issue following today's design review (2022-01-13)
cc @zhumo
@ghernandez345 @roperzh Heads up, we're going to defer this epic to the sprint after next, so we have some time to spec and put a detailed estimate on this one.
@zhumo the Whiteboard for Pricing CX Review indicates that we'd like "Disk encryption key escrow" to be a Fleet Premium feature. To handle this in the planned UX, I propose that "turn on disk encryption" AND "key escrow" are both paid features. This is because the planned UX bundles turn on and key escrow in one setting (see screenshots below).
This means that free users won't be able to use disk encryption key escrow OR turn on disk encryption at all because we plan to prevent users from adding a custom configuration profile to turn it on (exact error message below).
I think this is ok because we could allow free users to use a custom configuration profile in the future.
What do you think?
@noahtalerman works for me.
@noahtalerman Don't forget the other side. If you had premium and turned it on, but lapse, you should not be able to see the key.
@lukeheath we'd like "Disk encryption" to be a paid feature. This means that only Fleet Premium users can turn on disk encryption and see the disk encryption key.
I updated the Figma for this issue and the "See disk encryption key for macOS hosts" issue (here) to indicate this. Screenshots are below.
Luke, up to you if we update the requirements as part of these stories or break making them paid into a new story. Goal is to have disk encryption be paid by April launch.
Please let me know if I can be helpful with updating designs and specs.
@noahtalerman Thanks! We can roll that into the existing stories.
@roperzh I am assigning this story to you to manage and bring to QA.
@noahtalerman just a heads-up, the Figma mentions alternate text for Fleet Free users for activities, but it's a Fleet Premium-only feature (e.g.: https://www.figma.com/file/hdALBDsrti77QuDNSzLdkx/%F0%9F%9A%A7-Fleet-EE-(dev-ready%2C-scratchpad)?node-id=12227%3A330387&t=mFjQZKzp1Txmk8vM-0 )
This story was brought back to the drafting phase for priority drafting because Roberto surfaced a potential UX problem with the current solution.
This comment documents the options discussed and decision made during design review on 2022-03-14.
Context:
UX Problem:
Options:
1. Present a “Reset key” button in Fleet Desktop dropdown
2. My device page talks to fleetd directly
3. My device page talks to Fleet server. Update the UI to tell the user they’ll have to wait 30 seconds
Decision: Go with option (3)
Reasoning:
cc @mikermcneil @zhumo @lukeheath @roperzh ^^
Secure data in clouds,
As data transmission's key.
Fleet's encryption helps.
@noahtalerman Re-opening, moving to "Confirm and celebrate", and assigning to you.
C&C: Need to document that the feature currently has 30 min to get the key. Can be triggered with a fleetctl trigger command.
FileVault takes flight, Mac hosts find encryption, Secured disks alight.
User story
As an IT admin, I want to turn on FileVault (Disk encryption) on my macOS hosts so that I know the disk is encrypted and secure.
Requirements
Design
UI
https://www.figma.com/file/hdALBDsrti77QuDNSzLdkx/%F0%9F%9A%A7-Fleet-EE-(dev-ready%2C-scratchpad)?node-id=11728%3A323053&t=tDSDpng9HNhTcAjy-1