BrowserID Key Wrapping: Difference between revisions

Line 3: Line 3:
== API and Overall Behavior ==
== API and Overall Behavior ==


A web site wants to have access to a securely stored cryptographic key bound to each of its users. That key should survive across multiple BrowserID logins, and be as stable as possible: if it is lost, the user's data that the site chooses to secure with this key will also be lost.
A web site wants to have access to a securely stored cryptographic key bound to each of its users. That key should be as stable as possible for a given user on a given web site: if it is lost, the user's data that the site chooses to secure with this key will also be lost.


BrowserID does <em>not</em> store any data on behalf of the web site. Instead, it provides a wrapping/unwrapping API. The web site is expected to generate the user's key, wrap it via BrowserID, and store the wrapped key on its own servers.
BrowserID does <em>not</em> store any data on behalf of the web site. Instead, it provides a wrapping/unwrapping API. The web site is expected to generate a key for the user, wrap it via BrowserID, and store the wrapped key on its own servers.


It goes like this:
It goes like this:
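Review bot: the revised opening paragraph drops "survive across multiple BrowserID logins" and keeps only "as stable as possible for a given user on a given web site", so it no longer says which events the key has to persist through. Because the same sentence states that losing the key means losing the user's data, consider keeping the cross-login requirement explicit, for example "stable across multiple BrowserID logins for a given user on a given web site".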