webservices/safechat
1
0
Fork 0
Code Issues Pull Requests Releases Activity
Files
28a943f4ebcdfd5ebc136fbf1d215eba17b6d891
safechat/html/documentation.dox
Marc Wäckerlin 28a943f4eb added some comments and dokus
2015-07-15 13:54:52 +00:00

55 lines
2.0 KiB
Plaintext
Raw Blame History

/*! @file
@id $Id$
*/
// 1 2 3 4 5 6 7 8
// 45678901234567890123456789012345678901234567890123456789012345678901234567890
/** @page protocol SafeChat Protocol
@tableofcontents
@section security Security Concept
Neither the password nor the private key are sent to the
server. They remain under the user's control and in the user's
property. Only the user name and the public key are sent to the
server.
- The password is only kept in the browser's transient memory.
- The private key is kept in encrypted form in the browser's
persistent local storage.
- The public key is stored on server, so that other users can
lookup for a user's public key.
There are two secret security tokens: The password, that is in the
user's mind and the private key, which is in the user's device, in
the local storage of his browser. Messages can only be sent or
read with access to both security tokens.
@section newuser Create New User
If no credentials exist in the browser's local storage, the
browser asks the user for a user name and a password and creates a
private key that is encrypted with the password.
In the login(), the browser sends the user's name and public key
to the server. The server creates a new user, if the user does not
exist yet. Then the server returns, whether user name and public
key match to what he has in his table.
@msc
user, browser, server;
user -> browser [label="https://safechat.ch"];
browser -> server [label="index.html"];
browser <- server [label="safechat.js",URL="\ref safechat.js"];
user <- browser [label="register new user"];
user -> browser [label="username / password"];
browser -> browser [label="create openpgp-public/private keys"];
browser -> server [label="login.php(username, public-key)"];
server -> server [label="if user name does not exist:\nstore username/public-key"];
server -> browser [label="success"];
@endmsc
*/
Reference in New Issue View Git Blame Copy Permalink