On 8/9/13 3:15 PM, Lloyd Hilaiel wrote:
> 5. Security loss.
> (proposed) A: Authing from content is inevitable. Belief is there's no
> protocol sacrifices we need to make (full SRP from content is viable,
> stretching viable with native help). Phishing related concerns are all
> that remain mooted by the first sentence.
Chris and I are now talking about introducing an optional second password
(maybe as a v2 thing). This would be used only for Sync, and would only ever
be typed into FF chrome UI. It would be hashed into kB, maybe after
stretching. If you use it, you couldn't get at your class-B data from a web
portal. But you wouldn't need the second password to do FF Account stuff.

That would fix the security loss, for folks who decided to use it. It'd look
a lot like how Google Chrome does it.

The existing auth protocol (with stretching and SRP) would still provide
improved security (against passive attacks), even without the second
password.

cheers,
 -Brian

_______________________________________________
Sync-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/sync-dev
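The "second password hashed into kB, maybe after stretching" idea in Brian's message, as an added stand-alone sketch that is not part of the thread and not Mozilla's Sync or Firefox Accounts code. It assumes scrypt for the stretching step, a single-block HKDF-Expand for key separation, and an HMAC-SHA256 counter-mode keystream plus HMAC tag as a stand-in for a real AEAD; the salt, info labels, scrypt parameters and sample passwords are all constructed for the example. The point it shows is the property the message claims: a web portal that only ever sees the account password cannot derive kB, so it cannot read class-B data, while the browser, which was given the Sync-only password, can.

```python
import hashlib
import hmac
import os

# Constructed stretching parameters (illustration only, not Sync's real ones).
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1
KEY_LEN = 32
NONCE_LEN = 16
TAG_LEN = 32


def stretch(password: str, salt: bytes) -> bytes:
    """Stretch a password with scrypt so offline guessing of kB is expensive."""
    return hashlib.scrypt(password.encode("utf-8"), salt=salt,
                          n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=KEY_LEN)


def hkdf_expand(prk: bytes, info: bytes, length: int = KEY_LEN) -> bytes:
    """Single-block HKDF-Expand (RFC 5869) over HMAC-SHA256; enough for 32-byte keys."""
    return hmac.new(prk, info + b"\x01", hashlib.sha256).digest()[:length]


def derive_kB(sync_password: str, salt: bytes) -> bytes:
    """kB is a function of the Sync-only password alone (hypothetical info label)."""
    return hkdf_expand(stretch(sync_password, salt), b"example/kB")


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy counter-mode keystream from HMAC-SHA256; stands in for AES in this sketch."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt_class_b(kB: bytes, plaintext: bytes, nonce: bytes) -> bytes:
    """Encrypt-then-MAC a class-B record under keys separated from kB (hypothetical labels)."""
    enc_key = hkdf_expand(kB, b"example/enc")
    mac_key = hkdf_expand(kB, b"example/mac")
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt_class_b(kB: bytes, blob: bytes):
    """Return the plaintext, or None when the tag does not verify under this kB."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    enc_key = hkdf_expand(kB, b"example/enc")
    mac_key = hkdf_expand(kB, b"example/mac")
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


def demo() -> dict:
    """Browser (has the Sync password) vs. web portal (has only the account password)."""
    salt = b"\x00" * 16                      # constructed; per-user random in practice
    account_password = "account-password"    # constructed sample
    sync_password = "sync-only-password"     # constructed sample, typed only into chrome UI
    record = b"class-B data: saved logins"   # constructed sample

    kB = derive_kB(sync_password, salt)
    blob = encrypt_class_b(kB, record, os.urandom(NONCE_LEN))

    # The portal never learns the second password; the best it can do is
    # run the same derivation on the account password, which yields a different key.
    portal_key = derive_kB(account_password, salt)
    return {
        "browser_reads": decrypt_class_b(kB, blob),
        "portal_reads": decrypt_class_b(portal_key, blob),
        "keys_differ": kB != portal_key,
    }


if __name__ == "__main__":
    print(demo())
```

The stretching cost (scrypt with N=2^14) is what makes the "improved security against passive attacks" claim hold for a second password of ordinary strength: an attacker who captures the ciphertext still has to pay that cost per guess. Whether the stretching happens natively or in content is the thread's open question; the derivation itself is the same either way.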

