30
edits
Talk:Session Restore: Difference between revisions
Jump to navigation
Jump to search
m
→Security of saved data
| Line 14: | Line 14: | ||
The algorithm I'm thinking goes something like this: | The algorithm I'm thinking goes something like this: | ||
# Session files have timestamp or incremental ID in their filename - "SavedSession03102006054627" | # Session files have timestamp or incremental ID in their filename - "SavedSession03102006054627" | ||
# The ID and encryption key for the last <n> saved sessions is held. ("n", so that users can keep up to 3 or 5 previous state backups in case one or more become corrupted in a crash) | # The ID and encryption key pair for the last <n> saved sessions is held. ("n", so that users can keep up to 3 or 5 previous state backups in case one or more become corrupted in a crash) | ||
# On restart, FF identifies the most recent saved session that it can decrypt and which has full integrity, and works with that backup. It also deletes any that it couldn't decrypt or which appear corrupted, and any key entries that don't appear to relate to actual valid saved session files. | # On restart, FF identifies the most recent saved session that it can decrypt and which has full integrity, and works with that backup. It also deletes any that it couldn't decrypt or which appear corrupted, and any key entries that don't appear to relate to actual valid saved session files. | ||
# When a new session backup is made, FF creates a random 256 bit key, encrypts the backup with that, and saves the new backup timestamp/decryption key pair for future use. | # When a new session backup is made, FF creates a random 256 bit key, encrypts the backup with that, and saves the new backup timestamp/decryption key pair for future use. | ||