Confirm
471
edits
Changes
m
* define how wrap(kB) is unwrapped to get kB
→PiCL Key Server / IdP Protocol
= PiCL Key Server / IdP Protocol =
NOTE: This specification is under active development (2710-JunJul-2013). Several pieces are not yet complete. If you write any code based on this design, keep a close eye on this page and/or contact me (warner) on the #picl IRC channel to learn about changes. Eventually this will be nailed down and should serve as a stable spec for the PICL keyserver/IdP protocol.
Remaining TODO items:
* define decide on client-side key-stretching (PBKDF2+scrypt+PBKDF2)parameters
* finalize SRP questions (definition of M1, generation of a/b)
* finalize how getToken2() declares whether a signToken or a resetToken is desired
* provide test vectors for decrypting a resetToken
* finalize proof-of-work/DoS-prevention details
* confirm this is actually implementable inside Firefox (especially w.r.t. NSS)
= Creating The Account =
