Filip/matrix-spec
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-spec synced 2026-01-01 05:28:38 +01:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Specify optional pepper rotation period

Browse source
This commit is contained in:
Andrew Morgan 2019-06-21 15:42:11 +01:00
parent 2383a55720
commit 53f025edfc
1 changed files with 6 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
proposals/2134-identity-hash-lookup.md
View file

@ -34,9 +34,12 @@ value, and the resulting digest MUST be encoded in unpadded base64.
Identity servers must specify their own hashing algorithms (from a list of
specified values) and peppers, which will be useful if a rainbow table is
released for their current one. Identity servers could also set a timer for
rotating the pepper value to further impede rainbow table publishing. As such,
it must be possible for clients to be able to query what pepper an identity
server requires before sending it hashes. A new endpoint must be added:
rotating the pepper value to further impede rainbow table publishing (the
recommended period is every 30m, which should be enough for a client to
complete the hashing of all of a user's contacts, but also be nowhere near as
long enough to create a sophisticated rainbow table). As such, it must be
possible for clients to be able to query what pepper an identity server
requires before sending it hashes. A new endpoint must be added:
```
GET /_matrix/identity/v2/hash_details