Confirmed users
358
edits
Identity/AttachedServices/Architecture: Difference between revisions
Jump to navigation
Jump to search
Identity/AttachedServices/Architecture (view source)
Revision as of 23:22, 6 June 2013
, 6 June 2013→Storage Server Authorization
| Line 57: | Line 57: | ||
This assertion must be verified with the usual public-key signature checks and .well-known lookup process. For performance, the Storage Server will only verify it once, then exchange it for a token that is easier to validate (either a nonce that maps to the validated account identifier and expiration time, or an encrypted/HMACed copy of the session data). Subsequent requests will be authorized by the token. | This assertion must be verified with the usual public-key signature checks and .well-known lookup process. For performance, the Storage Server will only verify it once, then exchange it for a token that is easier to validate (either a nonce that maps to the validated account identifier and expiration time, or an encrypted/HMACed copy of the session data). Subsequent requests will be authorized by the token. | ||
An initial draft of the storage-server protocol is [[Identity/AttachedServices/StorageProtocolZero|here]] and [Identity/AttachedServices/StorageServerProtocol|here]]. | An initial draft of the storage-server protocol is [[Identity/AttachedServices/StorageProtocolZero|here]] and [[Identity/AttachedServices/StorageServerProtocol|here]]. | ||
== Storage Server Format == | == Storage Server Format == | ||