Confirmed users, Bureaucrats and Sysops emeriti
812
edits
Services/Sync/KeyWrappingOptions: Difference between revisions
Jump to navigation
Jump to search
no edit summary
(Created page with "===Problem to solve=== STB (Signin to Browser) currently depends on a wrapped key. Sync does not. What options do we have for supporting both options? It's also a new system,...") |
No edit summary |
||
| Line 7: | Line 7: | ||
gps did a comprehensive analysis of what's out there now: http://gregoryszorc.com/blog/2012/04/08/comparing-the-security-and-privacy-of-browser-syncing/ | gps did a comprehensive analysis of what's out there now: http://gregoryszorc.com/blog/2012/04/08/comparing-the-security-and-privacy-of-browser-syncing/ | ||
The biggest competitor we have is Chrome, who use a similar key- | The biggest competitor we have is Chrome, who use a similar key-derivation scheme as is proposed, while also allowing a user-selected passphrase that is not tied to the Google account password. | ||
===Open Questions and Possible Answers=== | ===Open Questions and Possible Answers=== | ||
| Line 17: | Line 17: | ||
* No, never (Sync creds/UX must exist forever in parallel) | * No, never (Sync creds/UX must exist forever in parallel) | ||
==== If we are not having a flag day in clients at launch, how can we support that (second and third options | ==== If we are not having a flag day in clients at launch, how can we support that (second and third options above)?==== | ||
* Completely independent services, Firefox offers choice between STB/Persona and Firefox Sync | * Completely independent services, Firefox offers choice between STB/Persona and Firefox Sync | ||