From: gnunet
Subject: [GNUnet-SVN] [taler-anastasis] branch master updated: Corrected some terminology. Inserted possibility to obtain salt of the provider
Date: Thu, 22 Aug 2019 18:10:14 +0200

This is an automated email from the git hooks/post-receive script.

dennis-neufeld pushed a commit to branch master
in repository anastasis.

The following commit(s) were added to refs/heads/master by this push:
     new c7107be  Corrected some terminology. Inserted possibility to obtain 
salt of the provider
c7107be is described below

commit c7107be8a8458959c0a9fbc5aabdb9b797ef0f15
Author: Dennis Neufeld <address@hidden>
AuthorDate: Thu Aug 22 18:10:00 2019 +0200

    Corrected some terminology. Inserted possibility to obtain salt of the 
provider
---
 glossary.html.j2          | 17 +++++++-------
 src/api/api-anastasis.rst | 60 +++++++++++++++++++++++++++++++----------------
 2 files changed, 49 insertions(+), 28 deletions(-)

diff --git a/glossary.html.j2 b/glossary.html.j2
index d87c351..be05c28 100644
--- a/glossary.html.j2
+++ b/glossary.html.j2
@@ -6,14 +6,15 @@
 <dt>{{ _("backup provider") }}</dt>
   <dd>
     {% trans %}
-      provider which holds the backup (e.g. encrypted masterkey of a GNU Taler 
Wallet) 
-      and the corresponding policies to restore the masterkey
+      provider which holds the backup of the service/program (e.g. GNU Taler 
Wallet), for which
+      we want to have the possibility to recover the masterkey.
     {% endtrans %}
   </dd>
-<dt>{{ _("key provider") }}</dt>
+<dt>{{ _("escrow provider") }}</dt>
   <dd>
     {% trans %}
-      provider which stores the keyshare belonging to a policy
+      provider which stores the backup of the masterkey and the corresponding 
policies for key
+      recovery and/or one or more keyshare(s).
     {% endtrans %}
   </dd>
 <dt>{{ _("truth") }}</dt>
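Review bot: The new "escrow provider" definition still ends with "one or more keyshare(s)", while this same commit renames the glossary term to "key share"; use "key share(s)" here so the glossary is consistent with itself. The rewritten "backup provider" entry also no longer says what the provider actually stores. Since the encrypted masterkey and policies have moved to the escrow provider entry, state explicitly that the backup provider holds only the application's backup and never the masterkey or any key share.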
@@ -27,19 +28,19 @@
 <dt>{{ _("(Escrow)Method") }}</dt>
   <dd>
     {% trans %}
-      method which is used to authorize the client to get the keyshare from 
the key provider
+      method which is used to authorize the client to get the key share from 
the escrow provider
     {% endtrans %}
   </dd>
 <dt>{{ _("(Decryption)Policy") }}</dt>
   <dd>
     {% trans %}
-      specification of how to decrypt the encrypted backup
+      specification of how to decrypt the encrypted masterkey backup
     {% endtrans %}
   </dd>
-<dt>{{ _("keyshare") }}</dt>
+<dt>{{ _("key share") }}</dt>
   <dd>
     {% trans %}
-      key which is shared with the key provider and belongs to a policy
+      partial key of the key needed to decrypt the masterkey backup of the 
corresponding policy.
     {% endtrans %}
   </dd>
 </div>
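Review bot: The new "key share" definition ("partial key of the key needed to decrypt the masterkey backup of the corresponding policy.") is hard to parse and is the only entry in this hunk that ends with a full stop. Something like "one part of the key that decrypts the masterkey backup under the corresponding policy" reads more clearly. It would also help to say whether a single key share is useless without the others, since that is the property readers of the glossary care about.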
diff --git a/src/api/api-anastasis.rst b/src/api/api-anastasis.rst
index bc10e7e..48d2e5d 100644
--- a/src/api/api-anastasis.rst
+++ b/src/api/api-anastasis.rst
@@ -26,13 +26,37 @@ for all details not specified in the individual requests.
 
 For security reasons, we assume that the service is only accessed over TLS.
 
+.. _salt:
+
+-----------
+Obtain salt
+-----------
+
+.. http:get:: /salt
+
+  Obtain the salt used by the escrow provider.
+
+
+  **Response:**
+
+  Returns a `SaltResponse`_.
+
+  .. _SaltResponse:
+  .. _tsref-type-SaltResponse:
+  .. code-block:: tsref
+
+    interface SaltResponse {
+      // salt value, at least 128 bits of entropy
+      salt: string;
+    }
+
 .. _policy:
 
--------------------------------
-Manage policy - Backup provider
--------------------------------
+-------------
+Manage policy
+-------------
 
-This API is used by Anastasis clients to obtain or upload policies and the 
corresponding encrypted masterkey from/to the backup provider.
+This API is used by Anastasis clients to obtain or upload policies and the 
corresponding encrypted masterkey from/to the escrow provider.
 The client is identified and authorized by $ACCOUNT_PUB, which should be kept 
secret from third parties. $ACCOUNT_PUB should be an
 EdDSA public key. 
 
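Review bot: The new GET /salt endpoint documents neither its status codes nor the encoding of the returned value: "salt: string;" with the comment "at least 128 bits of entropy" does not tell a client whether to expect hex, base32 or something else, or how long the string is. Add a ":status 200 OK:" line as the other endpoints in this file have, and specify the encoding and length. The description should also say whether the salt is fixed for the lifetime of the provider, because a client that derives anything from it needs the same value again at recovery time.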
@@ -45,7 +69,7 @@ EdDSA public key.
   policy and the encrypted master public key. 
 
   :status 200 OK:
-    The backup provider responds with an `EncryptedPolicyDocument`_ object. 
This request should
+    The escrow provider responds with an `EncryptedPolicyDocument`_ object. 
This request should
     virtually always be successful, if the account exists.
 
   X-Anastasis-Version: $NUMBER --- return actual version number in header;
@@ -73,7 +97,7 @@ EdDSA public key.
   .. code-block:: tsref
 
     interface PolicyDocument {
-      // List of key providers and selected authentication method
+      // List of escrow providers and selected authentication method
       methods: EscrowMethod[];
 
       // List of possible decryption policies
@@ -90,7 +114,7 @@ EdDSA public key.
   .. code-block:: tsref
 
     interface EscrowMethod {
-      // URL of the key provider
+      // URL of the escrow provider
       provider_url : string;
 
       // Name of the escrow method (e.g. security question, SMS etc.)
@@ -117,10 +141,6 @@ EdDSA public key.
       // List of escrow methods identified by their uuid
       uuid: uuid[];
 
-      // Name of the service/program the masterkey is for (e.g. GNU Taler 
Wallet No.1, 
-      // GNU Taler Wallet No.2, KeePass No.1 etc.)
-      name: string;
-
     }
 
 
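Review bot: Removing the "name: string;" field from this interface is an API change, not a terminology correction, and the commit message does not mention it. Please say in the commit message or the surrounding documentation where the name of the service the masterkey belongs to is recorded now, or why it is no longer needed. The removal also leaves a blank line directly before the closing "}", which can be dropped.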
@@ -133,11 +153,11 @@ EdDSA public key.
    Otherwise, store new version.
    
 
-.. _keyshare:
+.. _escrow:
 
-------------------------------------------
-Manage key share for escrow - Key provider
-------------------------------------------
+---------------------------
+Manage key share for escrow
+---------------------------
 
 This API is used by Anastasis clients to share a key share with the
 key provider. The client is identified and authorized by $ACCOUNT_PUB, 
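Review bot: The section introduction under the renamed heading still reads "share a key share with the key provider", so the rename to "escrow provider" is incomplete in this hunk. Update that sentence together with the heading. Renaming the label from "_keyshare" to "_escrow" also invalidates any existing cross-reference to the old label, so check the rest of the documentation for references before merging.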
@@ -145,9 +165,9 @@ which should be kept secret from third parties. 
$ACCOUNT_PUB should be an
 EdDSA public key. 
 
 
-.. http:post:: /keyshare/$ACCOUNT_PUB/$UUID
+.. http:post:: /escrow/$ACCOUNT_PUB/$UUID
 
-  Send key share to key provider.
+  Send key share to escrow provider.
 
   **Request:** The request body must be a `KeyShare`_ object.
 
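Review bot: Changing the route from "/keyshare/$ACCOUNT_PUB/$UUID" to "/escrow/$ACCOUNT_PUB/$UUID" is an incompatible change for any existing client, and the commit message describes the commit only as a terminology correction plus the salt endpoint. Mention the path rename in the commit message. Separately, the text says $ACCOUNT_PUB should be kept secret from third parties while the value is carried in the URL path; it is worth documenting that servers and proxies must not log these request paths.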
@@ -189,7 +209,7 @@ EdDSA public key.
     }
 
 
-.. http:get:: /keyshare/$ACCOUNT_PUB/$UUID
+.. http:get:: /escrow/$ACCOUNT_PUB/$UUID
 
   Request masterkey recovery.
 
@@ -204,7 +224,7 @@ EdDSA public key.
   :status 303 See Other:
     The key provider responds with a `EscrowChallenge`_ object.
   :status 304 Not Modified:
-    Empty body, the key provider will respond out-of-band.
+    Empty body, the key provider will respond out-of-band (i.e. SMS).
   :status 402 Payment Required:
     Payment Required 
   :status 404 Not Found:
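Review bot: In the 304 description, "(i.e. SMS)" states that SMS is the only out-of-band channel; if SMS is just one example of an escrow method, as the EscrowMethod comment "security question, SMS etc." suggests, this should be "(e.g. SMS)". Both the changed line and the 303 line above it still say "key provider", which this commit renames to "escrow provider" everywhere else.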
@@ -232,7 +252,7 @@ EdDSA public key.
   .. code-block:: tsref
        
     interface Recovery {
-      // Escrow recovery nonce
+      // Escrow recovery key
       key: byte[32];
 
     }
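Review bot: The comment on "key: byte[32];" now reads "Escrow recovery key", which corrects "nonce" but still does not say which key this is. Given the glossary terms introduced in this commit, state whether this field is the key share itself or a key used to decrypt it, and whether the 32 bytes are returned in the clear inside the TLS session or are themselves encrypted.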

-- 
To stop receiving notification emails like this one, please contact
address@hidden.


