Identity/AttachedServices/KeyServerProtocol: Difference between revisions

Jump to navigation Jump to search
m
Line 48: Line 48:
This same protocol is used, with slightly different methods and constants, to obtain the "accountResetToken". This token allows a client to safely reset the account password.
This same protocol is used, with slightly different methods and constants, to obtain the "accountResetToken". This token allows a client to safely reset the account password.


The protocol is optimized to minimize round-trips and to enable parallelism, to reduce the time it takes to connect a browser to the account to just a few seconds. As a result, the two messages it sends (/session/auth/start and /session/auth/finish) each perform multiple jobs. In total, the browser requires four messages in three roundtrips (1: auth/start, 2: auth/finish, 3: account/keys and certificate/sign) before it is ready to talk to the storage server.
The protocol is optimized to minimize round-trips and to enable parallelism, to reduce the time it takes to connect a browser to the account to just a few seconds. As a result, the two messages it sends (/session/auth/start and /session/auth/finish) each perform multiple jobs. In total, the browser requires four messages in three roundtrips (1: /session/auth/start, 2: /session/auth/finish, 3: /account/keys and /certificate/sign in parallel) before it is ready to talk to the storage server.


== auth/start ==
== auth/start ==
Confirmed users
471

edits

Navigation menu