Services/Sync/KeyRecovery: Difference between revisions

Jump to navigation Jump to search

Services/Sync/KeyRecovery (view source)

Revision as of 04:47, 22 September 2011

87 bytes added ,  22 September 2011
→‎Wider Implications
No edit summary
Line 162: Line 162:
Ideally, we would move to a system that can provide authentication without the server learning the user's password.  HTTP-Digest-Auth at a minimum.  Something like the Secure Remote Password Protocol would be even better, but there's no current standard for integrating this into the HTTP-Auth workflow.
Ideally, we would move to a system that can provide authentication without the server learning the user's password.  HTTP-Digest-Auth at a minimum.  Something like the Secure Remote Password Protocol would be even better, but there's no current standard for integrating this into the HTTP-Auth workflow.


In any case, such a move is largely orthogonal to the development of the key recovery service itself.
In any case, since such a move will have to happen across the whole services infrastructure to be worthwhile, it's largely orthogonal to the development of the key recovery service itself.
Rfkelly
Confirmed users
358

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/350266"

Navigation menu