Remind servers that they shouldn't overwrite signatures with those from a policy server (#2385)

* Remind servers that they shouldn't overwrite signatures with those from a policy server * changelog
2026-06-09 17:57:47 +02:00 · 2026-05-27 15:20:17 -06:00 · 2026-05-27 15:20:17 -06:00 · a0f4a9aa87
parent 76455209c2
commit a0f4a9aa87
2 changed files with 7 additions and 0 deletions
--- a/changelogs/server_server/newsfragments/2385.clarification
+++ b/changelogs/server_server/newsfragments/2385.clarification
@ -0,0 +1 @@
 Clarify that policy servers might share a name with event origins, and that servers should avoid overwriting/discarding signatures for the event origin when getting a policy server signature.
--- a/data/api/server-server/room_policy.yaml
+++ b/data/api/server-server/room_policy.yaml
@ -41,6 +41,12 @@ paths:
        What the Policy Server checks for when calling this endpoint is left as an
        implementation detail.
        {{% boxes/warning %}}
        The policy server name might be the same as the event's origin, and therefore the event might
        have existing signatures. Those existing signatures might not be returned by the policy server,
        but should be retained to validate the event.
        {{% /boxes/warning %}}
      operationId: askPolicyServerToSign
      security:
        - signedRequest: []
		`@ -0,0 +1 @@`
							`Clarify that policy servers might share a name with event origins, and that servers should avoid overwriting/discarding signatures for the event origin when getting a policy server signature.`