feat(rfc): Add RFC Parsec auth #9757
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FirelightFlagboy
force-pushed
the
8482-rfc-parsec-auth
branch
3 times, most recently
from
07b9da4 to
534f776
Compare
AureliaDolo
reviewed
Feb 20, 2025
mmmarcos
reviewed
Feb 20, 2025
AureliaDolo
reviewed
Feb 21, 2025
mmmarcos
reviewed
Feb 24, 2025
FirelightFlagboy
force-pushed
the
8482-rfc-parsec-auth
branch
2 times, most recently
from
5ea50e6 to
f00ca9e
Compare
AureliaDolo
reviewed
Mar 5, 2025
Comment on lines
+115
to
+116
| Alice ->> Alice: Create `AUTH_MEDIUM_SYM_KEY` using the password and `PBKDF_B` | ||
| Alice ->> Alice: Generate `AUTH_MEDIUM_PRIV_KEY`, `AUTH_MEDIUM_PUB_KEY` |
There was a problem hiding this comment.
is there a real difference between create and generate ?
Is it because the symetric key uses an input , and the asymetric pair doesn't ?
There was a problem hiding this comment.
I did not put effort to differentiate the usage of create and generate.
Is it something that should be considerate in the writing of this RFC?
| ### Obtain the account manifest from the server | ||
|
|
||
| The server store the encrypted account manifest that contain the important information about the user. | ||
| For the user to obtain the account manifest from the server it will do: |
There was a problem hiding this comment.
Suggested change
| For the user to obtain the account manifest from the server it will do: | |
| For the user to obtain the account manifest from the server they will do the following: |
There was a problem hiding this comment.
Why the plural form? we talk about a specific user
| For existing devices (created before/without the authentication service) the client would need to create and upload a remote device to the service (cf [Uploading a new device](#uploading-a-new-device)) in order to access Parsec from a web environment. | ||
|
|
||
|
|
||
| ### Global flow diagram |
FirelightFlagboy
force-pushed
the
8482-rfc-parsec-auth
branch
2 times, most recently
from
3b748be to
71e9043
Compare
Parsec auth would be a new service that store the device of the users securely and remotly to allow them to access those devices anywhere on any machine. Close #8482 Co-authored-by: Marcos Medrano <[email protected]>
FirelightFlagboy
force-pushed
the
8482-rfc-parsec-auth
branch
from
0a34bfc to
48ebbcb
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Parsec auth would be a new service that store the device of the users securely and remotly to allow them to access those devices anywhere on any machine.
Close #8482