(add images for polling/login) |
(describe A+ vs A-) |
||
| Line 27: | Line 27: | ||
bookmarks into class-A, but users should have the option of putting | bookmarks into class-A, but users should have the option of putting | ||
everything into class-C if they like (to behave like current FF Sync). | everything into class-C if they like (to behave like current FF Sync). | ||
These classes can be subdivided for other properties. For example, class-A | |||
can be split into "A+" in which the data is encrypted by the | |||
assertion-protected key before it is sent to the storage server, versus "A-" | |||
in which the data is given to storage servers in the clear, and the server | |||
only provides access to readers who present an assertion (or equivalent). In | |||
both cases, the end user can recover their data with just an assertion. In | |||
A+, the server doesn't see plaintext, so the user's reliance set (the list of | |||
parties who can see the user's data) includes just the IdP and the Keyserver. | |||
In A-, the storage server can manipulate the plaintext (perhaps to provide | |||
merge/reconcilliation, or search features), in exchange for which the | |||
reliance set grows to include the storage server. "A-" can also be | |||
accomplished on a user-by-user basis by delivering a decryption key to the | |||
storage server. | |||
== User Options == | == User Options == | ||
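Review bot: The last added sentence ("A-" can also be accomplished on a user-by-user basis by delivering a decryption key to the storage server) does not say which key is delivered. If it is the assertion-protected key introduced at the top of the paragraph, name it, and state that for those users the reliance set then includes the storage server, as the preceding sentence says for A- in general. As written, a reader could take the per-user variant to keep the A+ reliance set of just the IdP and the Keyserver. Separately, "reconcilliation" in "merge/reconcilliation, or search features" should be spelled "reconciliation".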