Closed Bug 744629 Opened 13 years ago Closed 10 years ago

Make recovery key in Sync have self-consistency check

Categories

(Firefox :: Sync, enhancement)

Product:
Firefox
Component:
Sync
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
VERIFIED WONTFIX

People

(Reporter: gkw, Unassigned)

References

Details

(Whiteboard: [sync:crypto])

Currently when we enter a new recovery key, all the bits are part of the entropy set. It would be nice if the key shown to the user had some internal consistency (think CRC) so that many of the simple mis-types of the key could be detected by the UI. E.g. I'm changing the recovery key to a new one, I type it in but I accidentally mistype an "l" (letter) for an "1" (number). Sync should point out that the key is not valid before submitting. Similar to credit card numbers. Thanks for Camilo for helping me formulate this description. :)
Good idea. Not something we can do with the current crypto scheme -- we can't change the format now that it's in widespread usage -- but it's something we can consider if we have a user input in v6: http://docs.services.mozilla.com/sync/storageformat6.html
Storage format 6 supports arbitrary metadata in the key pair representation. This arbitrary metadata could include a CRC, or similar. And, this is something we could add after storage format 6 has been rolled out. But, it would be nice to consider now, while we're still completely flexible. Also, we use a modified base32 alphabet today to avoid confusion between "l" and "1" and "o" and "0". That is no substitute for additional verification, of course.
bsmith is helping with the new crypto and might have an idea here.
sync triage: bsmith, your thoughts?
this is cool, but it not really a UI feature. moving to backend
Component: Firefox Sync: UI → Firefox Sync: Backend
Blocks: 821009
Whiteboard: [sync:crypto]
Is this now WONTFIX with Firefox Accounts around to replace the old Sync?
Flags: needinfo?(rnewman)
Yup; we no longer do user input of keys.
Status: NEW → RESOLVED
Closed: 10 years ago
Component: Firefox Sync: Backend → Firefox Sync: Crypto
Flags: needinfo?(rnewman)
Resolution: --- → WONTFIX
OK.
Status: RESOLVED → VERIFIED
Component: Firefox Sync: Crypto → Sync
Product: Cloud Services → Firefox
You need to log in before you can comment on or make changes to this bug.