Differentiate user identifiers

boltlabs-inc / key-mgmt-spec

Formal specification for the key management project

MIT License

3 stars 2 forks source link

Differentiate user identifiers #52

Closed marsella closed 2 years ago

marsella commented 2 years ago

We are using user_id for both OPAQUE and our application, but these identifiers should be different.

For OPAQUE, the user identifier should be human-memorable account information
For our application, user id is a 128-bit UUID.

The likely solution here is that the key server should generate and store the application user ID during registration (#11), and pass it back to the client during authentication (#10).

indomitableSwan commented 2 years ago

@marsella I think we should go ahead and make our user IDs internally generated, as you outline above.