Filip/matrix-spec
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-spec synced 2025-12-26 10:58:38 +01:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Remove point about Element showing unexpected devices

Browse source
This commit is contained in:
Will Hunt 2021-05-05 23:03:15 +01:00 committed by GitHub
parent 538ac0940e
commit b8ab3d0c87
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 0 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
proposals/2778-appservice-login.md
View file

@ -125,9 +125,6 @@ this is not a problem because:
difference is that without a dedicated access token they are unable to receive device messages. While in theory this
does make them unable to see encrypted messages, this is not designed to be a security mechanism.
- An appservice trying to log in as a user will always create a new device, which means the user would be informed of the
new device on their existing sessions. It should be very obvious if a malicous appservice is creating new devices on your account.
In conclusion this MSC only automates the creation of new devices for users inside an AS namespace, which is something
a server admin could already do. Appservices should always be treated with care and so with these facts in mind the MSC should
be considered secure.