summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--anastasis.rst47
-rw-r--r--anastasis_reducer_backup.pngbin0 -> 358019 bytes
-rw-r--r--anastasis_reducer_recovery.pngbin0 -> 230078 bytes
3 files changed, 42 insertions, 5 deletions
diff --git a/anastasis.rst b/anastasis.rst
index bb206db3..e282b2f0 100644
--- a/anastasis.rst
+++ b/anastasis.rst
@@ -28,7 +28,7 @@ encrypting it with a **master key**. The main objective of Anastasis is to
ensure that the user can reliably recover the **core secret**, while making
this difficult for everyone else. Furthermore, it is assumed that the user is
unable to reliably remember any secret with sufficiently high entropy, so we
-cannot simply encrypt using some other key material in posession of the user.
+cannot simply encrypt using some other key material in possession of the user.
To uniquely identify users, an "unforgettable" **identifier** is used. This
identifier should be difficult to guess for anybody but the user. However, the
@@ -51,7 +51,7 @@ A **recovery document** includes all of the information a user needs to
recover access to their core secret. It specifies a set of **escrow
methods**, which specify how the user should convince the Anastasis server
that they are "real". Escrow methods can for example include SMS-based
-verification, Video-identfication or a security question. For each escrow
+verification, Video-identification or a security question. For each escrow
method, the Anastasis server is provided with **truth**, that is data the
Anastasis operator may learn during the recovery process to authenticate the
user. Examples for truth would be a phone number (for SMS), a picture of the
@@ -334,9 +334,9 @@ capacity.
--------------
-Anastasis API
--------------
+------------------
+Anastasis REST API
+------------------
.. _salt:
@@ -789,6 +789,43 @@ charge per truth operation using GNU Taler.
}
+---------------------
+Anastasis Reducer API
+---------------------
+
+This section describes the Anastasis Reducer API which is used by client applications
+to store or load the different states the client application can have.
+
+
+Backup Reducer
+^^^^^^^^^^^^^^
+.. figure:: anastasis_reducer_backup.png
+ :name: fig-anastasis_reducer_backup
+ :alt: fig-anastasis_reducer_backup
+ :scale: 35 %
+ :align: center
+
+ Backup states and their transitions.
+
+
+The illustration above shows the different states the reducer can have during a backup
+process.
+
+Recovery Reducer
+^^^^^^^^^^^^^^^^
+.. figure:: anastasis_reducer_recovery.png
+ :name: fig-anastasis_reducer_recovery
+ :alt: fig-anastasis_reducer_recovery
+ :scale: 35 %
+ :align: center
+
+ Recovery states and their transitions.
+
+
+The illustration above shows the different states the reducer can have during a recovery
+process.
+
+
.. _anastasis-auth-methods:
----------------------
diff --git a/anastasis_reducer_backup.png b/anastasis_reducer_backup.png
new file mode 100644
index 00000000..f4bf485b
--- /dev/null
+++ b/anastasis_reducer_backup.png
Binary files differ
diff --git a/anastasis_reducer_recovery.png b/anastasis_reducer_recovery.png
new file mode 100644
index 00000000..3dc497bd
--- /dev/null
+++ b/anastasis_reducer_recovery.png
Binary files differ