BrowserID Key Wrapping: Difference between revisions

Jump to navigation Jump to search

BrowserID Key Wrapping (view source)

Revision as of 02:13, 28 March 2012

125 bytes added ,  28 March 2012
→‎Further Work
Line 79: Line 79:


Currently, if the user loses their password and must reset it, the user key UK might as well be thrown away, and data encrypted against that key is thus lost for good. In future work, we may evaluate a key escrow mechanism by which the key can be recovered, somehow. This is considered out of scope for now.
Currently, if the user loses their password and must reset it, the user key UK might as well be thrown away, and data encrypted against that key is thus lost for good. In future work, we may evaluate a key escrow mechanism by which the key can be recovered, somehow. This is considered out of scope for now.
If we do introduce key escrow, we would likely augment the API to explicitly allow escrow for certain keys, and not others:
BenAdida
668

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/412815"

Navigation menu