CloudServices/Sagrada/TokenServer: Difference between revisions

No edit summary
Line 51: Line 51:
* '''Metadata Token''': used to send application-specific metadata for the Service.
* '''Metadata Token''': used to send application-specific metadata for the Service.
* '''Master Secret''':  a secret shared between Login Server and Service Node. Never used directly, only for deriving other secrets.
* '''Master Secret''':  a secret shared between Login Server and Service Node. Never used directly, only for deriving other secrets.
* '''Signing Secret''': derived from the master secret, used to sign auth and metadata tokens. For example: sig-secret = HKDF_Expand(master-secret, "SIGN")
* '''Signing Secret''': derived from the master secret, used to sign auth and metadata tokens.
* '''Encryption Secret''': derived from the master secret, used to encrypt the metadata token. For example: enc-secret = HKDF_Expand(master-secret, "ENCRYPT")
* '''Encryption Secret''': derived from the master secret, used to encrypt the metadata token.
* '''Token Secret''':  derived from the master secret and auth token, used as '''oauth_consumer_secret'''. This is the only secret shared with the client and is different for each token. For example: token-secret = HKDF_Expand(master-secret, auth-token)
* '''Token Secret''':  derived from the master secret and auth token, used as '''oauth_consumer_secret'''. This is the only secret shared with the client and is different for each auth token.
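Review bot: In the Signing Secret, Encryption Secret and Token Secret items, the wording without the "For example: ... = HKDF_Expand(master-secret, ...)" sentence no longer says how each secret is derived, so the list gives a Login Server or Service Node implementer nothing to confirm that both sides derive the same values from the shared master secret, or that the three secrets are separated by distinct inputs ("SIGN", "ENCRYPT", the auth token). If the examples are dropped from these definitions, state the derivation elsewhere on the page and point to it from each item. On the Token Secret item, "different for each auth token" is the clearer of the two wordings, since the list also defines a Metadata Token.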
 



