<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">On 2/1/15 18:21, Ryan Kelly wrote:<br>
</div>
<blockquote cite="mid:54CEC326.7070902@mozilla.com" type="cite">Also,
a small suggestion for the proposed encryption flow on
<a class="moz-txt-link-freetext" href="https://wiki.mozilla.org/Loop/Architecture/Context">https://wiki.mozilla.org/Loop/Architecture/Context</a>, where you say:
<br>
<br>
"""
<br>
The room context information is serialized as a JSON object, and
<br>
encrypted using kR
<br>
"""
<br>
<br>
The key kR is likely the only key material your relier will be
able to get. I recommend treating it like a master key and
deriving purpose-specific keys from it via HKDF, rather than using
it directly.
<br>
</blockquote>
<br>
I'm not sure what use cases you have in mind here, so it's not clear
to me where in the process you are proposing we create a derived
key. I can think of at least two different options, depending on
what you're trying to enable:<br>
<br>
<ol>
<li>The desktop client (encyrpter) derives a metadata key before
sending it to the link-clicker (decrypter).</li>
<li>The master key is be conveyed to the link clicker, so that
both sides may derive a number of application keys in parallel.<br>
</li>
</ol>
<br>
I've changed the write-up to reflect the first interpretation. If
this isn't what you meant, please clarify what you're trying to
accomplish so that I can adjust accordingly.<br>
<br>
Thanks!<br>
<br>
<div class="moz-signature">-- <br>
<div style="font-family:sans-serif"> <span
style="font-size:18,font-weight:bold">Adam Roach</span><br>
<span style="font-size:12">Principal Platform Engineer</span><br>
<span style="font-size:12"><a class="moz-txt-link-abbreviated" href="mailto:abr@mozilla.com">abr@mozilla.com</a></span><br>
<span style="font-size:12">+1 650 903 0800 x863</span><br>
</div>
</div>
</body>
</html>