Filip/matrix-spec
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-spec synced 2026-04-30 14:14:09 +02:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Clarify when the event_id domain needs a signature

Browse source
This commit is contained in:
timedout 2026-04-21 19:24:57 +01:00
parent c175953e80
commit 01082e7750
No known key found for this signature in database
GPG key ID: 0FA334385D0B689F
1 changed files with 6 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
content/server-server-api.md
View file

@ -1492,9 +1492,12 @@ signature](/appendices#checking-for-a-signature). Note that this
step should succeed whether we have been sent the full event or a
redacted copy.
Unless the event is a 3rd party invite, only the signature(s) from the
originating server (the server the `sender` belongs to) are required for
verification. If a signature is from an unknown or expired key, it is skipped.
For room versions 3 and later, unless the event is a 3rd party invite, only the
signature(s) from the originating server (the server the `sender` belongs to)
are required for verification. Room versions 1 and 2 also require that a
signature is present from the domain in the `event_id`, if it differs from the
originating server. If a signature is from an unknown or expired key, it is
skipped.
If the event is a 3rd party invite, the sender must already match the 3rd party
invite, and the server which actually sends the event may be a different