Research and design client bootstrap for soledad
h1. Soledad's client bootstrap
When a user logs in for the first time on a new device, the client will fetch and unlock non-human readable secrets from the server (to be used to decode the sync’ed data). These secrets will be encrypted using the user’s password, and perhaps be stored in a manner such that it is not easily identified with the user’s account (perhaps the id is a hmac of userid and password together, for example).
(from redmine: created on 2013-01-07, closed on 2013-02-18)