On Wed, Dec 17, 2014 at 9:44 PM, Ryan Kelly <[email protected]> wrote: > > But this user public key should not be derived from the core kA/kB key > material. > > If it's a public key corresponding to kBr being a private key, why is it a problem ?
> [..] > In my proposal, kBr is a symmetric encryption key, so there is no > "corresponding public key". > > I am not sure you've mentioned how exactly kBr should be used. Stating that it's a private key, and generating the corresponding public key seems to make sense. What's the problem of doing this ? I am asking because I'd like to find a flow where we limit the number of public keys attached to a user stored in the user directory. Ideally, one key per user and service. I am not sure to understand the value of an extra level of indirection between kBr and a corresponding published public key. Cheers Tarek
_______________________________________________ Dev-fxacct mailing list [email protected] https://mail.mozilla.org/listinfo/dev-fxacct
