668
edits
Changes
→High-Level Architecture
[[Image:SyncNext.png]]
The REST API for Sync remains the same, only the authorization header changes, as per BrowserID+REST below. The nature of Sync data remains the same: nondurable. The main difference is that access to the data is authorized by a BrowserID Assertion.
Of course, this yields only encrypted data. We also propose a mechanism to use BrowserID (specifically its password) for key-wrapping purposes, so that logging into BrowserID can become sufficient to reclaim one's data from Sync.
== BrowserID + REST ==
== Key Wrapping ==