On Mon 22.Aug'16 at 14:43:42 -0700, Richard Newman wrote:
> Another option is to build a key escrow service, similar to the one Apple
> hosts for FileVault encryption keys.
>
> A key escrow service would instead wrap a copy of kB with additional crypto
> — print-and-save keys, a long series of questions:
>
> This makes the process explicit, and doesn't touch core crypto; this is an
> addition with a hook into recovery.
This might make sense from a product perspective, but it does increase the security burden on the sync/fxa infrastructure. We're not immune to breaches, or court orders, and the current crypto model has helped us build flexible infrastructure without being too worried about the impact of a breach.

Maybe we could build an escrow service that's still in control of the user, for example by splitting the recovery key using Shamir's secret sharing and assigning each part to a recovery step, with a threshold of 3 to reconstruct the recovery key. That's hard to do in practice, but solutions that don't depend on perfect infrastructure security will make everyone sleep better at night.

- Julien

_______________________________________________
Sync-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/sync-dev

