From MozillaWiki
Jump to: navigation, search

J-PAKE is a technique that allows Alice and Bob to mutually authenticate and agree upon an encryption key, using only a pre-shared secret value. It is a zero-knowledge protocol, meaning this can be done without ever exposing the secret value to the other party.

  • Project Lead: dolske
  • Guest Star: sidstamm


Working on early investigation.


  • Make it possible to establish a TLS session without any CA or Certificate involved, by using J-PAKE and a pre-shared secret.
  • Maybe HTTP Auth too?

Non Goals

  • Form-based J-PAKE authentication. Maybe later.
  • Taking to a standards group/process. Will happen later.

Timeline / Milestones

  • 20 Apr @ 1: meeting to talk about initial investigation

These are the bugs of interest:

Bug Owner Status
bug 12345 - tbd unfiled


  • Investigating.


  • Will likely involve adding crypto code to NSS


TBD. QA not needed for initial prototype stage.

Related Projects