mozilla
/
fxa-auth-server
зеркало из https://github.com/mozilla/fxa-auth-server.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
onepw protocol
Ryan Kelly редактировал(а) эту страницу 2015-11-26 09:37:25 +11:00

Версии страницы вики

43 Коммитов

Автор SHA1 Сообщение Дата
Ryan Kelly 6608daa23e Updated onepw protocol (markdown) 2015-11-26 09:37:25 +11:00
Ryan Kelly 04752b867a Updated onepw protocol (markdown) 2015-10-14 12:06:31 +11:00
Ryan Kelly 5a33bb3fdb Updated onepw protocol (markdown) 2015-10-14 12:04:57 +11:00
Renoir Boulanger b2c6109bb6 Typo 2014-05-30 11:42:52 -07:00
Brian Warner 5d3ad5f83a update HAWK options.payload=true explanation 2014-03-21 15:24:43 -07:00
Brian Warner f412a758fd evil server == TLS-breaking MitM attacker 2014-02-26 12:27:54 -08:00
Sean Byrne 64c782d332 Adding password re-use to the "vs. old-Sync" section. 2014-02-08 10:03:01 -08:00
Brian Warner 1ddca86c8b allow /account/create to return sessionToken/keyFetchToken 2014-01-21 15:35:33 -08:00
Brian Warner e4a6a74d66 expand on consequences of no-MAC-on-keys, for Sync 2014-01-21 12:38:34 -08:00
Brian Warner beca29601c account-reset is web-based: code is no longer transcribed 2014-01-21 11:43:05 -08:00
Mark Mayo 9515a2f501 persona -> browserid rename to be more clear it's the proto we're using. 2014-01-13 16:25:56 -08:00
Brian Warner 5a9bc81e49 more attempts to fix the link 2014-01-06 16:18:58 -08:00
Brian Warner ad1f26b19d fix link 2014-01-06 16:03:04 -08:00
Brian Warner f6aa933be7 add link to fetching-sync-keys 2014-01-06 16:01:45 -08:00
Brian Warner d09e7335b9 add Extensions section on changing the client-side stretch parameters 2014-01-06 15:48:54 -08:00
Brian Warner db1ea82f96 update security analysis, two-pw/pairing extensions 2014-01-03 18:49:46 -08:00
Brian Warner 0ca39593b9 rename the /account/login "sync_keys=true" option to just "keys=true" 2014-01-03 11:53:32 -08:00
Brian Warner adc4a7db59 clarify reset/changepw flow: kA remains the same 2014-01-03 10:53:17 -08:00
Brian Warner d573f17d15 update test vectors 2014-01-02 16:03:13 -08:00
Brian Warner 98a26fe876 remove stretchWrap, use wrap(wrap(kB)) 2014-01-02 15:54:04 -08:00
Brian Warner a77756778c add HKDF details, s/forgotPasswordToken/passwordForgotToken/ 
We figured it was more important to match the API
name (/v1/password/forgot/*, which is sort of big-endian), even though
grammatically the token name would read better as
"forgotPasswordToken" (which is sort of little-endian). The specific
place that needs to match is the purpose/CTXinfo string passed into HKDF
when using this token to produce HAWK keys.
 2013-12-20 16:52:36 -08:00
Brian Warner d35c802b44 update notes on use of keyFetchToken 2013-12-20 10:24:18 -08:00
Brian Warner 239eebfa43 update endpoint-delta section 2013-12-18 15:50:12 -08:00
Brian Warner b5ecb30df0 rename /auth/password to /account/login and login_and_get_keys 2013-12-18 15:32:42 -08:00
Brian Warner 9b27aad971 add test vectors 2013-12-17 18:22:53 -08:00
Brian Warner 7dfc93e6a9 add delta from old protocol, note about account-mode 2013-12-17 16:19:29 -08:00
Brian Warner 78d838c14a more notes 2013-12-16 21:57:23 -08:00
Brian Warner 3bcab84ea4 more updates 2013-12-16 21:44:01 -08:00
Brian Warner 2027952133 update protocol-summary and typical-client-flows 2013-12-16 17:43:41 -08:00
Brian Warner 5fae3c3404 nope, that image was wrong 2013-12-16 17:28:51 -08:00
Brian Warner 63a78bfd5a destroyAccount.png 2013-12-16 17:28:25 -08:00
Brian Warner 504d376405 new change-password protocol, distinct from reset-password 2013-12-16 17:27:44 -08:00
Brian Warner d50c224fcf updated images 2013-12-16 15:58:55 -08:00
Brian Warner 1f0fa7419d new images 2013-12-16 15:47:05 -08:00
Brian Warner 6e8450526f more rearranging 2013-12-16 15:00:01 -08:00
Brian Warner c0d48a40b7 rearrange: auth, sync-keys, change/forgot-password, delete-account 2013-12-16 14:32:12 -08:00
Brian Warner 3ec012447e add just-auth overview images 2013-12-16 14:25:52 -08:00
Brian Warner 5df3e6efbf initial cut-down protocol description 2013-12-16 14:23:05 -08:00
Brian Warner 3e5eab2d29 remove test vectors for now 2013-12-16 13:32:57 -08:00
Brian Warner d5eb257fd3 try to improve keyserver-protocol-summary section 2013-12-16 13:32:08 -08:00
Brian Warner f4d94eaded add images 2013-12-16 13:30:29 -08:00
Brian Warner e6edcc4447 markdownify 2013-12-16 13:26:19 -08:00
Brian Warner 1133e4571b import current https://wiki.mozilla.org/Identity/AttachedServices/KeyServerProtocol 2013-12-16 12:29:08 -08:00