BrowserID Key Wrapping: Difference between revisions

Jump to navigation Jump to search

BrowserID Key Wrapping (view source)

Revision as of 03:20, 6 January 2012

35 bytes added ,  6 January 2012
→‎Architecture
Line 37: Line 37:


BrowserID generates a new key for each email address it verifies. We call this the user key.
BrowserID generates a new key for each email address it verifies. We call this the user key.
[[Image:Browserid-userkeys.png]]


BrowserID wraps this user key with a password-key derived from the user's password. When the user changes their password, the user-key is unwrapped and rewrapped appropriately. If the user loses their password completely, in the current specification, the user-key is unrecoverable and may as well be deleted.
BrowserID wraps this user key with a password-key derived from the user's password. When the user changes their password, the user-key is unwrapped and rewrapped appropriately. If the user loses their password completely, in the current specification, the user-key is unrecoverable and may as well be deleted.


[diagram of wrapped keys]
[diagram of wrapped keys]
BenAdida
668

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/384350"

Navigation menu