Line 6: | Line 6: | ||
The context information is user-supplied, so we need to carefully consider privacy handling. The design below serves this purpose by storing the information on the Loop server in an encrypted form. Each room will have its own symmetric key, which will be available to the room owner and anyone to whom he provides the room URL. These room keys will never be available to any server. | The context information is user-supplied, so we need to carefully consider privacy handling. The design below serves this purpose by storing the information on the Loop server in an encrypted form. Each room will have its own symmetric key, which will be available to the room owner and anyone to whom he provides the room URL. These room keys will never be available to any server. | ||
This section explains the means by which this achieved at the level of information flow. Details are provided in the sections below. See also {{Bug|1132293}}. | This section explains the means by which this achieved at the level of information flow. Details are provided in the sections below. See also {{Bug|1132293}}, which describes the API being implemented by the FxA client to facilitate the behavior described below. | ||
When a Loop client logs into the FxA server, it will obtain a user-specific symmetric key, '''kB''', and an OAuth application identifier. The key '''kB''' is wrapped with the user's account login password. Upon obtaining the key, the FxA client unwraps '''kB''' for use as a master user key. This key is then used to derive a loop-specific key, kBr. The Loop client then derives a '''kRWrapper''' key via HKDF by mixing in the usage identifier "metadata." | When a Loop client logs into the FxA server, it will obtain a user-specific symmetric key, '''kB''', and an OAuth application identifier. The key '''kB''' is wrapped with the user's account login password. Upon obtaining the key, the FxA client unwraps '''kB''' for use as a master user key. This key is then used to derive a loop-specific key, kBr. The Loop client then derives a '''kRWrapper''' key via HKDF by mixing in the usage identifier "metadata." |
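Review bot: The sentence this edit extends, "This section explains the means by which this achieved", is still missing a verb in the new revision; since the line is being touched anyway, change it to "by which this is achieved". In the unchanged paragraph that follows, the usage identifier is written as "metadata." with the period inside the quotation marks, which leaves it unclear whether the string mixed into HKDF is metadata or metadata followed by a period. Two implementations that read this differently would derive different kRWrapper keys, so move the period outside the quotes or mark the literal explicitly. kBr is also the only key name in that paragraph not set in bold like kB and kRWrapper.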