mirror of
https://github.com/matrix-org/matrix-spec
synced 2026-03-04 10:44:10 +01:00
use .ready to accept a verification, plus some clarification
This commit is contained in:
Hubert Chathi
parent
1590ae224c
commit
91f51bb23e
|
|
@ -86,7 +86,7 @@ verification itself.
|
||||||
|
|
||||||
#### Accepting a key verification
|
#### Accepting a key verification
|
||||||
|
|
||||||
To accept a key verification, Bob will send an `m.key.verification.start` event
|
To accept a key verification, Bob will send an `m.key.verification.ready` event
|
||||||
with the following properties in its contents:
|
with the following properties in its contents:
|
||||||
|
|
||||||
TODO: MSC1849 may use `m.relationship` rather than `m.relates_to`, in which
|
TODO: MSC1849 may use `m.relationship` rather than `m.relates_to`, in which
|
||||||
|
|
@ -96,17 +96,38 @@ case this proposal should follow suit.
|
||||||
- `rel_type`: `m.reference`
|
- `rel_type`: `m.reference`
|
||||||
- `event_id`: the event ID of the key verification request that is being
|
- `event_id`: the event ID of the key verification request that is being
|
||||||
accepted
|
accepted
|
||||||
- `method`: the key verification method that is being used
|
- `methods`: an array of verification methods that the device supports
|
||||||
- `from_device`: Bob's device ID. This is required since some verification
|
- `from_device`: Bob's device ID. This is required since some verification
|
||||||
methods may use the device IDs as part of the verification process.
|
methods may use the device IDs as part of the verification process.
|
||||||
|
|
||||||
Clients should ignore `m.key.verification.start` events that correspond to
|
Clients should ignore `m.key.verification.ready` events that correspond to
|
||||||
verification requests that they did not send.
|
verification requests that they did not send.
|
||||||
|
|
||||||
|
After this, either Alice or Bob may start the verification by sending an
|
||||||
|
`m.key.verification.start` event with the following properties in its contents:
|
||||||
|
|
||||||
|
- `m.relates_to`: an object with the properties:
|
||||||
|
- `rel_type`: `m.reference`
|
||||||
|
- `event_id`: the event ID of the key verification request that is being
|
||||||
|
started
|
||||||
|
- `method`: the key verification method that is being used. This should be a
|
||||||
|
method that both Alice's and Bob's devices support.
|
||||||
|
- `from_device`: The user's device ID.
|
||||||
|
|
||||||
|
If both Alice and Bob send an `m.key.verification.start` message, and they both
|
||||||
|
specify the same verification method, then the event sent by the user whose
|
||||||
|
user ID is the smallest is used, and the other event is ignored. If they both
|
||||||
|
send an `m.key.verification.start` message and the method is different, then
|
||||||
|
the verification should be cancelled with a `code` of `m.unexpected_message`.
|
||||||
|
|
||||||
|
After the `m.key.verification.start` event is sent, the devices may exchange
|
||||||
|
messages (if any) according to the verification method in use.
|
||||||
|
|
||||||
#### Rejecting a key verification
|
#### Rejecting a key verification
|
||||||
|
|
||||||
To reject a key verification, Bob will send an `m.key.verification.cancel`
|
To reject a key verification, Alice or Bob will send an
|
||||||
event with the following properties in its contents:
|
`m.key.verification.cancel` event with the following properties in its
|
||||||
|
contents:
|
||||||
|
|
||||||
- `m.relates_to`: an object with the properties:
|
- `m.relates_to`: an object with the properties:
|
||||||
- `rel_type`: `m.reference`
|
- `rel_type`: `m.reference`
|
||||||
|
|
@ -135,7 +156,13 @@ properties in its contents:
|
||||||
|
|
||||||
This provides a record within the room of the result of the verification.
|
This provides a record within the room of the result of the verification.
|
||||||
|
|
||||||
Any subsequent key verification messages relating to the same request are ignored.
|
Any subsequent key verification messages relating to the same request are
|
||||||
|
ignored.
|
||||||
|
|
||||||
|
Although a client may have successfully completed its side of the verification,
|
||||||
|
it may wait until receiving an `m.key.verification.done` (or
|
||||||
|
`m.key.verification.cancel`) event from the other device before informing the
|
||||||
|
user that the verification was successful or unsuccessful.
|
||||||
|
|
||||||
#### Other events
|
#### Other events
|
||||||
|
|
||||||
|
|
@ -145,7 +172,7 @@ should have an `m.relates_to` property as defined for
|
||||||
`m.key.verification.accept` or `m.key.verification.cancel` events.
|
`m.key.verification.accept` or `m.key.verification.cancel` events.
|
||||||
|
|
||||||
Clients should ignore events with an `m.relates_to` that have a `rel_type` of
|
Clients should ignore events with an `m.relates_to` that have a `rel_type` of
|
||||||
`m.reference` that refer to a verification where it is not the requester
|
`m.reference` that refer to a verification where it is neither the requester
|
||||||
nor the accepter.
|
nor the accepter.
|
||||||
|
|
||||||
Clients should not redact or edit verification messages. A client may ignore
|
Clients should not redact or edit verification messages. A client may ignore
|
||||||
|
|
@ -242,13 +269,16 @@ then the hash commitment will be based on the message contents:
|
||||||
|
|
||||||
Messages sent by the verification methods, after the initial key verification
|
Messages sent by the verification methods, after the initial key verification
|
||||||
request message, could be sent as to-device messages. The
|
request message, could be sent as to-device messages. The
|
||||||
`m.key.verification.start`, `m.key.verification.cancel`, and
|
`m.key.verification.ready`, `m.key.verification.cancel`, and
|
||||||
`m.key.verification.done` messages must be still be sent in the room, as the
|
`m.key.verification.done` messages must be still be sent in the room, as the
|
||||||
`m.key.verification.start` notifies the sender's other devices that the request
|
`m.key.verification.ready` notifies the sender's other devices that the request
|
||||||
has been acknowledged, and the `m.key.verification.cancel` and
|
has been acknowledged, and the `m.key.verification.cancel` and
|
||||||
`m.key.verification.done` provide a record of the status of the key
|
`m.key.verification.done` provide a record of the status of the key
|
||||||
verification.
|
verification.
|
||||||
|
|
||||||
|
However, it seems more natural to have all messages sent via the same
|
||||||
|
mechanism.
|
||||||
|
|
||||||
## Potential issues
|
## Potential issues
|
||||||
|
|
||||||
If a user wants to verify their own device, this will require the creation of a
|
If a user wants to verify their own device, this will require the creation of a
|
||||||
|
|
@ -262,8 +292,8 @@ decryption keys are sent to all of the target user's devices), or should be
|
||||||
sent unencrypted, so that unverified devices will be able to be verified.
|
sent unencrypted, so that unverified devices will be able to be verified.
|
||||||
|
|
||||||
Users might have multiple Direct Messaging rooms with other users. In this
|
Users might have multiple Direct Messaging rooms with other users. In this
|
||||||
case, clients will need to prompt the user to select the room in which they
|
case, clients could need to prompt the user to select the room in which they
|
||||||
want to perform the verification.
|
want to perform the verification, or could select a room.
|
||||||
|
|
||||||
## Security considerations
|
## Security considerations
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue