From ceb2425fe97763644b340ffffef5dcc07cb9759b Mon Sep 17 00:00:00 2001 From: _ <> Date: Mon, 13 Jan 2025 00:46:49 +0000 Subject: [PATCH] tidy up --- emailflow.md | 30 ++++++++++++++++++------------ 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/emailflow.md b/emailflow.md index 87a3aa1..454967c 100644 --- a/emailflow.md +++ b/emailflow.md 
@@ -1,27 +1,33 @@ # Email Flow -In creating an email flow that maintains PRIVACY and SECURITY whilst also being convenient to use, the following principles were observed: +In creating an email flow that maintains PRIVACY and SECURITY whilst also being convenient to use, the following principles are observed: - Keypair must be generated client-side -- Keypair must be protected by a long and complex password +- Keypair must be protected by a strong password - It must be possible to change the password -- It must remain possible to work offline +- It must be possible to work offline - Network traffic must not contain identifying metadata -All of the above is achieved using a high level signup flow as follows: +All of the above are achieved using a high level signup flow as follows: -1. User provides email and complex password -2. These are used to encrypt a locally generated keypair into a backup +1. User provides email and long (min 21 chars) password +2. These are used to encrypt a locally generated keypair 3. Email address, Public Key and encrypted backup are sent to the server -4. Account is validated +4. Email address is validated +5. Account is activated -The password is only used to encrypt/decrypt the local backup and is never stored or sent anywhere. +The password is only used to encrypt/decrypt the local backup and is never stored or sent outside of the browser -When perforing a login, the flow is: +When perforing a regular login, the flow is: -1. Generate a temporary key pair for secure server communication -2. Validate the email -3. Provide the encrypted keypair for the user to unlock +1. Validate the email +2. Provide the encrypted keypair for the user to unlock + +When performing a password reset: + +1. Change the pasword locally +2. Re-encrypt the keypair using the new password +3. 
Send the new backup to the server All key signing / encryption operations happen on client side using [private class properties](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Classes/Private_properties).
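Review bot: the new "When performing a password reset:" block describes a password change, not a reset: step 2 "Re-encrypt the keypair using the new password" requires the keypair to already be unlocked with the old password, and since the password "is never stored or sent outside of the browser" there is nothing the server can do for a user who has forgotten it. Rename the section to "password change", add an explicit step 1 "Unlock the keypair with the current password", and state plainly that a forgotten password means the encrypted backup is unrecoverable. Same hunk: the first principle was weakened from "long and complex password" to "strong password" while signup step 1 now says "long (min 21 chars) password"; pick one statement of the policy and use it in both places. The regular-login list drops "Generate a temporary key pair for secure server communication" with no replacement, but the principle "Network traffic must not contain identifying metadata" is still listed; either the removal needs a sentence on how that principle is now met, or the step should stay. Minor: the added lines carry the typos "perforing a regular login" (inherited from the removed line) and "Change the pasword locally", and the sentence ending "never stored or sent outside of the browser" lost its full stop.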