Confirmed users
400
edits
Services/Sync/Features/MigrateToDigestAuth: Difference between revisions
Services/Sync/Features/MigrateToDigestAuth (view source)
Revision as of 22:06, 30 August 2011
, 30 August 2011no edit summary
No edit summary |
No edit summary |
||
| Line 7: | Line 7: | ||
{{FeatureTeam}} | {{FeatureTeam}} | ||
{{FeaturePageBody | {{FeaturePageBody | ||
|Feature open issues and risks | |Feature open issues and risks=Sync web servers receive username/pass in cleartext (BasicAuth) through https before handing them off to LDAP/mySQL. Will be a problem when we store sync-keys protected by username/pass, because access to Sync web servers will be point of vulnerability. | ||
If an attacker gains control of Sync web servers, they will have access to username/pass in cleartext, can use these credentials to access sync-key, and then unencrypt user data stored on Sync web servers. | |||
|Feature overview=Replace BasicAuth with more secure system where Sync web servers do not have access to cleartext passwords. This protocol can be DigestAuth, public/private key, etc, needs to be cleared with Security. | |||
|Feature users and use cases=Users using Sync will use more secure protocol (not BasicAuth) to authenticate access to Sync web servers. Passwords must not be passed around in plaintext. | |||
Migration: | |||
DigestAuth: will revert to BasicAuth once for calculating hash of password for authentication, and will use DigestAuth for all future authentication. | |||
|Feature implementation notes=* https://bugzilla.mozilla.org/show_bug.cgi?id=445757 | |Feature implementation notes=* https://bugzilla.mozilla.org/show_bug.cgi?id=445757 | ||
}} | }} | ||