sync/sync_ux.txt
author Volker Birk <vb@pep.foundation>
Wed, 29 Aug 2018 21:49:28 +0200
branchsync
changeset 2903 33549a7c7191
parent 2832 e03dfbbaf5ef
permissions -rw-r--r--
safeguards
     1 p≡p Sync UX
     2 ===========
     3 
     4 Sync is a protocol to form one device group. It first is driving a
     5 transaction named the Negotiation. There are two situations Sync can be
     6 in:
     7 
     8 1) either there is no device group yet
     9 2) or there is already a device group
    10 
    11 Case 1):
    12 --------
    13 
    14 In case 1) we have two devices in the state Sole. When the user
    15 configures the first device, nothing happens. When the user configures
    16 the second device, it will detect that there is another device being in
    17 state Sole.
    18 
    19 The two devices detect each other. Both are showing a dialog asking the
    20 user: “There is another device detected. Shell we form a device group?”
    21 
    22 There are three possible answers:
    23 
    24 a) Accept
    25 b) Reject
    26 c) Cancel
    27 
    28 If one of the devices gets a Cancel, then the device group is NOT
    29 formed. Sync remains enabled on both devices. This is corresponding with
    30 a ROLLBACK of the Negotiation.
    31 
    32 If one of the devices gets a Reject, then the device group is NOT
    33 formed. Sync then is disabled on both devices. This is corresponding
    34 with a COMMIT of the Negotiation with the result REJECT.
    35 
    36 If both devices get an Accept, then the device group is formed. Sync is
    37 then enabled on both devices. This is corresponding with a two-phase
    38 COMMIT of the Negotiation with the result ACCEPT.
    39 
    40 Case 2):
    41 
    42 In case 2) we have at least two devices forming a device group already
    43 (named “old devices”), being in state Grouped. And we have one device,
    44 which is not yet in a device group (named “new device”), being in state
    45 Sole.
    46 
    47 The new device and the old devices detect that there is a new device,
    48 which could join the existing device group. The new device is showing
    49 a dialog with “There is already a device group. Shell this device join?”
    50 Possible answers are Join/Accept, Reject and Cancel. The old devices are
    51 ALL showing a dialog with “A new device is detected. Shell we accept
    52 the new device as new member in our device group?” Possible answers are
    53 Accept, Reject and Cancel.
    54 
    55 If one of the devices gets a Cancel, then the new device is NOT added to
    56 the device group. Sync remains enabled on all devices. This is
    57 corresponding with a ROLLBACK of the Negotiation.
    58 
    59 If one of the devices gets a Reject, then the new device is NOT added to
    60 the device group. Sync remains enabled on the old devices, but gets
    61 disabled on the new device. This is corresponding with a COMMIT of the
    62 Negotiation with the result REJECT.
    63 
    64 Only if the new device gets an Accept and at least one of the old
    65 devices gets an Accept, then the new device is added to the device group.
    66 Sync then remains enabled on the old devices, and gets enabled on the
    67 new device. This is corresponding with a COMMIT of the Negotiation with
    68 the result ACCEPT.
    69 
    70 Key sync is starting while Sync is taking place. The Sync dialog is a
    71 Trustwords dialog offering Trustwords to check for the user. User's
    72 decision is not only based on if she/he wants to have a device group in
    73 case 1) – or – if she/he wants to add a new device to an existing device
    74 group in case 2), but also on the question, if the Trustwords on the
    75 two handled devices (either the two Sole ones or the new one and one of
    76 the old ones) are identical.
    77 
    78 Because there is a Trustwords check, from then on the connection is
    79 becoming green, and secret keys will be sent and shared on all devices
    80 being member of the same device group.
    81 
    82 When Sync is switched off on a device, then it leaves the device group
    83 it is in. A Key reset is needed then on the remaining devices, dealing
    84 out new group keys for all own identities.
    85 
    86 Sync can be switched on in two ways:
    87 
    88 1) Switched on for all (default in p≡p apps)
    89 2) Switched on only for a list of accounts (reached by switching it off
    90    first)
    91 
    92 If Sync is enabled in 1) then adding a new account will have Sync for
    93 this account, too, implicitely.
    94 
    95 If Sync is enabled in 2) then adding a new account will have Sync
    96 switched off for this account by default.