Ryan Kelly
6608daa23e
Updated onepw protocol (markdown)
2015-11-26 09:37:25 +11:00
Ryan Kelly
04752b867a
Updated onepw protocol (markdown)
2015-10-14 12:06:31 +11:00
Ryan Kelly
5a33bb3fdb
Updated onepw protocol (markdown)
2015-10-14 12:04:57 +11:00
Renoir Boulanger
b2c6109bb6
Typo
2014-05-30 11:42:52 -07:00
Brian Warner
5d3ad5f83a
update HAWK options.payload=true explanation
2014-03-21 15:24:43 -07:00
Brian Warner
f412a758fd
evil server == TLS-breaking MitM attacker
2014-02-26 12:27:54 -08:00
Sean Byrne
64c782d332
Adding password re-use to the "vs. old-Sync" section.
2014-02-08 10:03:01 -08:00
Brian Warner
1ddca86c8b
allow /account/create to return sessionToken/keyFetchToken
2014-01-21 15:35:33 -08:00
Brian Warner
e4a6a74d66
expand on consequences of no-MAC-on-keys, for Sync
2014-01-21 12:38:34 -08:00
Brian Warner
beca29601c
account-reset is web-based: code is no longer transcribed
2014-01-21 11:43:05 -08:00
Mark Mayo
9515a2f501
persona -> browserid rename to be more clear it's the proto we're using.
2014-01-13 16:25:56 -08:00
Brian Warner
5a9bc81e49
more attempts to fix the link
2014-01-06 16:18:58 -08:00
Brian Warner
ad1f26b19d
fix link
2014-01-06 16:03:04 -08:00
Brian Warner
f6aa933be7
add link to fetching-sync-keys
2014-01-06 16:01:45 -08:00
Brian Warner
d09e7335b9
add Extensions section on changing the client-side stretch parameters
2014-01-06 15:48:54 -08:00
Brian Warner
db1ea82f96
update security analysis, two-pw/pairing extensions
2014-01-03 18:49:46 -08:00
Brian Warner
0ca39593b9
rename the /account/login "sync_keys=true" option to just "keys=true"
2014-01-03 11:53:32 -08:00
Brian Warner
adc4a7db59
clarify reset/changepw flow: kA remains the same
2014-01-03 10:53:17 -08:00
Brian Warner
d573f17d15
update test vectors
2014-01-02 16:03:13 -08:00
Brian Warner
98a26fe876
remove stretchWrap, use wrap(wrap(kB))
2014-01-02 15:54:04 -08:00
Brian Warner
a77756778c
add HKDF details, s/forgotPasswordToken/passwordForgotToken/
...
We figured it was more important to match the API
name (/v1/password/forgot/*, which is sort of big-endian), even though
grammatically the token name would read better as
"forgotPasswordToken" (which is sort of little-endian). The specific
place that needs to match is the purpose/CTXinfo string passed into HKDF
when using this token to produce HAWK keys.
2013-12-20 16:52:36 -08:00
Brian Warner
d35c802b44
update notes on use of keyFetchToken
2013-12-20 10:24:18 -08:00
Brian Warner
239eebfa43
update endpoint-delta section
2013-12-18 15:50:12 -08:00
Brian Warner
b5ecb30df0
rename /auth/password to /account/login and login_and_get_keys
2013-12-18 15:32:42 -08:00
Brian Warner
9b27aad971
add test vectors
2013-12-17 18:22:53 -08:00
Brian Warner
7dfc93e6a9
add delta from old protocol, note about account-mode
2013-12-17 16:19:29 -08:00
Brian Warner
78d838c14a
more notes
2013-12-16 21:57:23 -08:00
Brian Warner
3bcab84ea4
more updates
2013-12-16 21:44:01 -08:00
Brian Warner
2027952133
update protocol-summary and typical-client-flows
2013-12-16 17:43:41 -08:00
Brian Warner
5fae3c3404
nope, that image was wrong
2013-12-16 17:28:51 -08:00
Brian Warner
63a78bfd5a
destroyAccount.png
2013-12-16 17:28:25 -08:00
Brian Warner
504d376405
new change-password protocol, distinct from reset-password
2013-12-16 17:27:44 -08:00
Brian Warner
d50c224fcf
updated images
2013-12-16 15:58:55 -08:00
Brian Warner
1f0fa7419d
new images
2013-12-16 15:47:05 -08:00
Brian Warner
6e8450526f
more rearranging
2013-12-16 15:00:01 -08:00
Brian Warner
c0d48a40b7
rearrange: auth, sync-keys, change/forgot-password, delete-account
2013-12-16 14:32:12 -08:00
Brian Warner
3ec012447e
add just-auth overview images
2013-12-16 14:25:52 -08:00
Brian Warner
5df3e6efbf
initial cut-down protocol description
2013-12-16 14:23:05 -08:00
Brian Warner
3e5eab2d29
remove test vectors for now
2013-12-16 13:32:57 -08:00
Brian Warner
d5eb257fd3
try to improve keyserver-protocol-summary section
2013-12-16 13:32:08 -08:00
Brian Warner
f4d94eaded
add images
2013-12-16 13:30:29 -08:00
Brian Warner
e6edcc4447
markdownify
2013-12-16 13:26:19 -08:00
Brian Warner
1133e4571b
import current https://wiki.mozilla.org/Identity/AttachedServices/KeyServerProtocol
2013-12-16 12:29:08 -08:00