Identity/AttachedServices/KeyServerProtocol: Difference between revisions

m
→‎Creating The Account: srpV is sent to /account/create too
m (→‎SRP Protocol Details: oops, RFC5054, not 5053)
m (→‎Creating The Account: srpV is sent to /account/create too)
 
Line 25: Line 25:
* randomly choose a 32-byte srpSalt (unique, but not secret)
* randomly choose a 32-byte srpSalt (unique, but not secret)
* create srpVerifier from srpPW and srpSalt (as described below)
* create srpVerifier from srpPW and srpSalt (as described below)
* deliver (email, stretchParams, mainSalt, srpParams, srpSalt) to the keyserver's "POST /account/create" API
* deliver (email, stretchParams, mainSalt, srpParams, srpSalt, srpVerifier) to the keyserver's "POST /account/create" API


The server, when creating a new account, creates both kA and wrap(kB) as randomly-generated 256-bit (32-byte) strings. It stores these, along with all the remaining values, indexed by email, in the account table where they can be retrieved by getToken later.
The server, when creating a new account, creates both kA and wrap(kB) as randomly-generated 256-bit (32-byte) strings. It stores these, along with all the remaining values, indexed by email, in the account table where they can be retrieved by getToken later.
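
Review bot: The unchanged paragraph after the list still says the server stores "all the remaining values", which no longer tells the reader that srpVerifier is among them now that the changed bullet adds it to the "POST /account/create" tuple. Suggest naming the stored SRP fields there (srpParams, srpSalt, srpVerifier), since the paragraph says these values are retrieved later by getToken. It would also help to state outright whether srpPW stays on the client. It is absent from the delivered tuple, but the list never says so, and a reader has to infer it from omission.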