On 7/03/2015 20:41, Dirkjan Ochtman wrote:
On Sat, Mar 7, 2015 at 1:04 AM, Richard Newman <[email protected]> wrote:
This isn't as easy as self-hosting Sync 1.1, but that's because the overall
system is more complicated, not because Mozilla is some nefarious actor
that's trying to steal your data.
I do seem to remember that in the early plans for FxA, there was to be
a mode where knowledgeable users could revert back to the old Sync
model, by circumventing the password -> key derivation, and instead
doing pairing. Has that fallen off the radar/planning?
It has not been forgotten, but it has not been scheduled or made more
concrete. We're talking about some related crypto ideas for our Q2
goals this year, but I don't want to make any promises.
Fancy pairing interfaces aside, I'd like to see an option for "secondary
encryption passphrase" in sync so advanced users have some was to avoid
the password->key derivation step. I suspect this could be achieved
with a fairly simple addon, but I currently have neither the knowledge
nor the time to pursue it myself.
I'd be happy to guide and mentor anyone who felt like taking that on as
a project though!
Cheers,
Ryan
_______________________________________________
Sync-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/sync-dev
