Confirmed users
971
edits
Crypto Proxy: Difference between revisions
Jump to navigation
Jump to search
→Sync Key Management
| Line 32: | Line 32: | ||
To decrypt records, a Sync Client either needs the Sync Key or the Bulk Key for a specific collection. | To decrypt records, a Sync Client either needs the Sync Key or the Bulk Key for a specific collection. | ||
Ideally these keys are not shared with | Ideally these keys are not shared with Firefox Home at all because they give you a carte blanche to access sync. | ||
Since the Crypto Proxy gives access to plain text sync data, there is no concern about handing over Sync Keys or Bulk Keys to | Since the Crypto Proxy gives access to plain text sync data, there is no concern about handing over Sync Keys or Bulk Keys to Firefox Home. | ||
There is of course still the issue of the Crypto Proxy having to maintain these keys in some plain text way. | There is of course still the issue of the Crypto Proxy having to maintain these keys in some plain text way. | ||
Since the Crypto Proxy is in charge, the key management becomes an internal detail and can be implemented in any way and can also be changed later on without | Since the Crypto Proxy is in charge, the key management becomes an internal detail and can be implemented in any way and can also be changed later on without Firefox Home depending on any specific details. | ||
(We talked about giving some collections a different Bulk Key and sharing that key with Firefox Home. That would prevent us from compartmentalizing access or supporting multiple applications in the future. The Sync Proxy solves that problem) | (We talked about giving some collections a different Bulk Key and sharing that key with Firefox Home. That would prevent us from compartmentalizing access or supporting multiple applications in the future. The Sync Proxy solves that problem since it sits between apps and sync.) | ||
==== Permissions Management ==== | ==== Permissions Management ==== | ||