Filip/matrix-spec
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-spec synced 2026-01-08 17:03:42 +01:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
4605 commits 28 branches 42 tags 32 MiB
Commit graph

529 commits

Author SHA1 Message Date
Olivier Wilkinson (reivilibre) 60cbc4567b Addresses some of Andrew's comments 
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
 2019-08-09 11:21:39 +01:00
Travis Ralston a171d5f6fd Check for a state_key on the tombstone push rule 
This is an oversight from the proposal.
 2019-08-08 09:29:52 -06:00
Travis Ralston 3087c76452
Merge pull request #2134 from matrix-org/hs/hash-identity 
MSC2134: Identity Hash Lookups
 2019-08-07 19:48:36 -06:00
Olivier Wilkinson (reivilibre) 493bb062af MSC2197: update with privacy perspective 
Includes recommendations for client developers.

Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
 2019-08-05 09:50:24 +01:00
Travis Ralston a71757f1ee
Merge pull request #2174 from matrix-org/rav/proposals/move_redacts_key 
MSC2174: Move the `redacts` key to a sane place
 2019-08-03 11:01:28 -06:00
Andrew Morgan 3edf5e3c16 Make hashes real values 2019-08-02 11:25:28 +01:00
Andrew Morgan 96e06b6f5f Add line, britishise 2019-08-01 15:04:38 +01:00
Andrew Morgan 3877724774 fix speeling 2019-08-01 15:01:05 +01:00
Andrew Morgan c401a4d47b punctuation 2019-08-01 14:53:41 +01:00
Andrew Morgan acf8d34474 Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity 2019-08-01 14:51:42 +01:00
Andrew Morgan 3789d828fd Incorporate solution analysis from the context of attacks 2019-08-01 14:51:26 +01:00
Olivier Wilkinson (reivilibre) 36e43ee326 Rewrap lines in MSC2917 to 80 chars wide 
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
 2019-08-01 09:28:30 +01:00
Andrew Morgan f989263872
MSC2181: Add an Error Code for Signaling a Deactivated User (#2181) 2019-07-31 13:14:02 +01:00
Richard van der Hoff 0c7c48bd12 MSC2175: Remove the creator field from m.room.create events (#2175) 
Fixes #1193
 2019-07-31 13:13:38 +01:00
Andrew Morgan 33d22c3320 hashes are not stream ciphers 2019-07-31 11:47:03 +01:00
Andrew Morgan 9913f5bc29 Slightly clarify pepper value 2019-07-31 11:16:58 +01:00
Andrew Morgan 57de107ea9 Move medium back behind the address 2019-07-31 11:07:22 +01:00
Richard van der Hoff f1f293678b
Apply suggestions from code review 
Co-Authored-By: Travis Ralston <travpc@gmail.com>
Co-Authored-By: Kitsune Ral <Kitsune-Ral@users.sf.net>
 2019-07-30 08:00:48 +01:00
Olivier Wilkinson (reivilibre) 4c22eb86b5 MSC for Search Filtering in Federation /publicRooms 
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
 2019-07-29 16:30:25 +01:00
Andrew Morgan c8527b7af8 Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity 2019-07-26 12:05:49 +01:00
Andrew Morgan 4d1f2ea4f4
Apply suggestions from code review 
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
 2019-07-26 12:05:41 +01:00
Andrew Morgan 6660768d85 Don't repeat fast hash bit 2019-07-26 12:04:17 +01:00
Andrew Morgan 027c2d7260 Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity 2019-07-26 12:01:32 +01:00
Andrew Morgan a17c74f592 switch medium and address around, space between address and pepper 2019-07-26 12:00:53 +01:00
Andrew Morgan 5580a2a1a9
Update proposals/2134-identity-hash-lookup.md 
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
 2019-07-26 11:40:38 +01:00
Andrew Morgan ffbfde8a09
Update proposals/2134-identity-hash-lookup.md 
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
 2019-07-26 11:40:20 +01:00
Andrew Morgan 87a54e8d8d Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity 2019-07-25 19:06:07 +01:00
Andrew Morgan 6119b9a50d *@hobnobbob.com is unlikely to be guessed 2019-07-25 19:05:49 +01:00
Andrew Morgan 20c72a3649
Update proposals/2134-identity-hash-lookup.md 
Co-Authored-By: David Baker <dbkr@users.noreply.github.com>
 2019-07-25 18:56:17 +01:00
Andrew Morgan 0ac70b268a Clarify peppering should not happen on none algo 2019-07-25 18:55:57 +01:00
Andrew Morgan da876bb340 missing word 2019-07-25 18:54:02 +01:00
Andrew Morgan c6dd5951a1 Clients can cache the hash details if they want to 2019-07-25 18:53:32 +01:00
Andrew Morgan 8f3e588708 pepper is not a secret val. Still needs to be around. 2019-07-24 15:27:48 +01:00
Andrew Morgan 3b8c57e06c Don't require servers/clients to support "none" 2019-07-23 16:43:55 +01:00
Andrew Morgan 3031df79cc Add example for none algo 2019-07-23 16:33:24 +01:00
Andrew Morgan 9fd6bd3184 Add details about why this proposal should exist 2019-07-23 15:25:41 +01:00
Andrew Morgan b26a9ed1fd Expand on why we can't trust dirty homeservers 2019-07-23 13:28:42 +01:00
Andrew Morgan 577021f12b resolve some comments 2019-07-23 11:48:01 +01:00
Richard van der Hoff 9e264fedc9 Updates 
* preserve *all* of `create`
* don't preserve `notifications` or `algorithm`, and add some justifcation.
 2019-07-22 16:47:49 +01:00
Andrew Morgan 887cd5e7d0 I really hope someone doesn't invest none-hash 2019-07-22 16:00:29 +01:00
Andrew Morgan 0444c8016b review comments 2019-07-22 15:33:49 +01:00
Richard van der Hoff 4503327450 Add some compatibility hacks. 2019-07-22 15:17:52 +01:00
Richard van der Hoff d324cac847 preserve powerlevel 2019-07-16 19:32:34 +01:00
Richard van der Hoff b49a950245
Update proposals/2176-update-redaction-rules.md 
fix typo

Co-Authored-By: Kitsune Ral <Kitsune-Ral@users.sf.net>
 2019-07-16 19:26:02 +01:00
Sorunome 9ebcff5758
fix typo, add section on html details element 2019-07-16 17:11:07 +02:00
Andrew Morgan 36cb8ed894 none -> m.none 2019-07-16 10:44:02 +01:00
Sorunome 1f786ae6dc
commit image into repo, fix typo 2019-07-15 20:52:24 +02:00
David Baker d9269b084f Exclude pubkey endpoints from auth 2019-07-15 16:58:24 +01:00
David Baker a1de6ff634 Hopefully clarify some bits 2019-07-15 10:26:24 +01:00
Richard van der Hoff cd5549d483 Proposal to update the redaction algorithm 2019-07-14 22:50:46 +01:00
Richard van der Hoff b09d48a9f7 Spec link 2019-07-14 20:22:39 +01:00
Richard van der Hoff 78d46b2890 Proposal to move the redacts key to a sane place 2019-07-14 20:20:09 +01:00
David Baker 25a47afa32
unnecessary capital mk. 2 
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
 2019-07-12 11:55:40 +01:00
David Baker 6e061b1baf
unnecessary capital 
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
 2019-07-12 11:55:11 +01:00
David Baker f474b31f5f
typo 
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
 2019-07-12 11:54:45 +01:00
Andrew Morgan 3514437d24 Ability for client/server to decide on no hashing 2019-07-12 11:37:41 +01:00
David Baker 9bb6ad80d1 typo 2019-07-10 16:13:38 +01:00
Andrew Morgan ed67e26037 pepper must not be an empty string, append medium 2019-07-08 17:03:20 +01:00
Andrew Morgan 1963a24832 fix attacks paragraph 2019-07-08 13:27:38 +01:00
Andrew Morgan dd8a6549c9 Address review comments 2019-07-08 11:55:37 +01:00
David Baker 701d340da1 Remove exception for request/submitToken 2019-07-05 19:00:15 +01:00
David Baker bf8a1e5d5f Add way to get the HS to bind/unbind existing 3pids 2019-07-05 18:11:42 +01:00
Andrew Morgan 3702669424 update from comments 2019-07-05 15:59:29 +01:00
David Baker 30dcc28f9b try & clarify that HS signature isn't the only acceptable auth for unbind 2019-07-04 18:38:31 +01:00
Andrew Morgan f4a1e02884 simple method once more 2019-07-04 16:28:49 +01:00
Andrew Morgan 53bd384f2e Clarify salting 2019-07-03 09:59:38 +01:00
David Baker 1a669348d8 http status code 2019-07-02 11:27:46 +01:00
David Baker d15c9df115
fullstop 
Co-Authored-By: Travis Ralston <travpc@gmail.com>
 2019-07-02 11:25:26 +01:00
David Baker e28f7aad72
slash 
Co-Authored-By: Travis Ralston <travpc@gmail.com>
 2019-07-02 11:25:12 +01:00
David Baker 4c72c37b80
slash 
Co-Authored-By: Travis Ralston <travpc@gmail.com>
 2019-07-02 11:24:51 +01:00
David Baker 10858bf83b set account data after registration 2019-07-02 11:22:41 +01:00
David Baker 79dbad2914 remove acceptance token mention 2019-07-02 11:17:27 +01:00
David Baker ac6b9bdb7c s/deprecate/remove/ 2019-07-02 11:16:25 +01:00
David Baker 7f65364804
Typo 
Co-Authored-By: Travis Ralston <travpc@gmail.com>
 2019-07-02 11:13:12 +01:00
David Baker 03e6ab0103 re-word double openid 2019-07-02 11:11:50 +01:00
David Baker d00dfb7822 exclude submittoken too 2019-07-02 11:04:06 +01:00
David Baker f02e4c2e9c
both registers are excluded from auth 
Co-Authored-By: Travis Ralston <travpc@gmail.com>
 2019-07-02 11:00:39 +01:00
David Baker 5374030cc0 Drop application/x-form-www-urlencoded in v2 2019-07-02 10:59:08 +01:00
David Baker 2d11217d4e
Typo 
Co-Authored-By: Travis Ralston <travpc@gmail.com>
 2019-07-02 10:56:32 +01:00
David Baker 8af35be13f
Typo 
Co-Authored-By: Travis Ralston <travpc@gmail.com>
 2019-07-02 10:56:12 +01:00
Andrew Morgan 922a20ba26 small fixes 2019-07-01 16:30:07 +01:00
Andrew Morgan 6f81d3774b New hashing method 2019-07-01 16:23:28 +01:00
David Baker fe14d3c9f0 Spec terms response 2019-06-28 18:07:24 +01:00
David Baker 786d5bc281 rewrite UI auth tradeoffs 2019-06-28 10:25:24 +01:00
David Baker 45d630951c back to M_TERMS_NOT_SIGNED 2019-06-28 09:32:15 +01:00
David Baker 83bb3861ba line wrap 2019-06-28 09:31:53 +01:00
Travis Ralston 8897ea4bb1 Merge branch 'master' into travis/msc/integrations/discovery 2019-06-27 21:56:23 -06:00
Travis Ralston a2a7b7ff13 Merge branch 'master' into travis/msc/integrations/auth 2019-06-27 21:55:59 -06:00
Travis Ralston bfd8e52c23 Formatting 2019-06-27 20:45:23 -06:00
Travis Ralston d8283b9cdf Add option to use query string 2019-06-27 20:44:49 -06:00
Travis Ralston e80753e56c Add .well-known discovery 2019-06-27 18:24:42 -06:00
David Baker 4be283ccb3
Typing 
Co-Authored-By: Travis Ralston <travpc@gmail.com>
 2019-06-27 17:31:15 +01:00
David Baker f95197b422 make the many-anded sentence a list 2019-06-27 17:30:36 +01:00
David Baker 10a6a59a12 Deprecate bind_email / bind_msisdn 2019-06-27 16:58:22 +01:00
David Baker b5326de1c4 Exclude requestToken endpoints from auth requirement 2019-06-27 16:34:46 +01:00
Sorunome 540aab82a1
accidentally formatted the wrong entry 2019-06-27 13:09:15 +02:00
Sorunome 6260871a21
spoiler fallback to uploaded media 2019-06-27 13:07:08 +02:00
David Baker 21b9eaf8de No custom HTTP headers 
Use the obvious way: in the same place as the ID server address
 2019-06-26 17:56:41 +01:00
David Baker 2694bb1090 Add really horrible custom HTTP header 
for giving the IS token to the HS
 2019-06-26 17:41:21 +01:00
David Baker 58cf083a6a backwards compat 2019-06-26 15:31:11 +01:00
David Baker 6273868323 Clarify v1 API deprecation 2019-06-26 15:29:24 +01:00
David Baker 4edf826c93 Capitalise on our identifiers 2019-06-26 15:29:23 +01:00
David Baker ba7047ce77
Clarify we must be accepting HS auth 
Co-Authored-By: Travis Ralston <travpc@gmail.com>
 2019-06-26 14:51:11 +01:00
David Baker 1d75828c71 Clarify what to do if no (new) docs 2019-06-26 14:45:25 +01:00
David Baker af691b5a8a
Clarify this applies to 2134 
Co-Authored-By: Travis Ralston <travpc@gmail.com>
 2019-06-26 14:37:06 +01:00
David Baker 57094276ce
Typing hard is 
Co-Authored-By: Travis Ralston <travpc@gmail.com>
 2019-06-26 14:36:15 +01:00
Andrew Morgan 7549c5dd76 Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity 2019-06-26 10:57:07 +01:00
Andrew Morgan 0fd4fe2542 Add algo/pepper to err resp 2019-06-26 10:55:44 +01:00
Andrew Morgan dfb37fcce1 update with feedback 2019-06-25 18:55:18 +01:00
Andrew Morgan df88b13ce1
Update proposals/2134-identity-hash-lookup.md 
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
 2019-06-25 18:15:02 +01:00
David Baker 9e0d8b9cb2 Use M_CONSENT_NOT_GIVEN 
No idea where I got the other one from: we already have one in the
spec, so use it.
 2019-06-25 17:17:39 +01:00
David Baker 0dae2d5812 GET terms must be unauthed. 
Detail process for new auth (don't register until consent given).

Specifically mention the authentication header.
 2019-06-25 15:52:55 +01:00
Sorunome 4f83cc1c24
moved client spoiler conversion to potential issues 2019-06-25 16:19:29 +02:00
David Baker 6f374dc981 Re-write for OpenID auth 2019-06-25 14:58:15 +01:00
David Baker 2c09580e27 line wrap 2019-06-25 11:14:35 +01:00
Andrew Morgan 96e43aaf45 Define what characters lookup_pepper can consist of 2019-06-25 10:37:45 +01:00
Andrew Morgan f951f312e1 Fix terrible wording 2019-06-25 10:30:29 +01:00
Andrew Morgan fae6883cc0 Update with review comments 2019-06-25 10:18:11 +01:00
Andrew Morgan 0a4c83ddb9 no plural. 3pid -> 3PID 2019-06-24 17:54:23 +01:00
Andrew Morgan 36a35a33cc Clarify how the spec defines hashing algs 2019-06-24 16:59:58 +01:00
Andrew Morgan ee10576d60 Update with feedback 2019-06-24 15:43:19 +01:00
David Baker abb407145a HS docs must be added too 
also, unbind must not error when called by HSes and proxy terms token
 2019-06-24 15:30:19 +01:00
David Baker 8ae47557c9 s/Third Party/Accepted/ 2019-06-24 15:22:19 +01:00
David Baker 2555801458 m.third_party_terms -> m.accepted_terms 
as it will have the HS's terms too
 2019-06-24 14:56:48 +01:00
David Baker 4ba9b2a599 perfix 2019-06-24 13:18:41 +01:00
David Baker a63e4420eb
Linkify 
Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
 2019-06-24 13:17:58 +01:00
Andrew Morgan 02ac0f3b33 Give the user control! 2019-06-24 11:56:04 +01:00
Andrew Morgan acdb2b1b42 Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity 2019-06-24 11:47:53 +01:00
Andrew Morgan e3ff80291f http err codes and hash wording fixes 2019-06-24 11:47:00 +01:00
Travis Ralston 21e93a123e Naming and capitalization 2019-06-21 11:36:16 -06:00
Andrew Morgan 53f025edfc Specify optional pepper rotation period 2019-06-21 15:42:11 +01:00
Andrew Morgan 2383a55720 404 for deprecated endpoint 2019-06-21 15:40:26 +01:00
Andrew Morgan c63edc7b97 Clean up wording around peppers and hashes 2019-06-21 14:12:50 +01:00
Andrew Morgan e3b2ad38b5 pepper -> lookup_pepper 2019-06-21 12:17:01 +01:00
Andrew Morgan 1fea604ba9 Don't define error message 2019-06-21 11:32:23 +01:00
David Baker 9ca3ccc81c Add requirments section for de-duping between services. 2019-06-21 09:35:26 +01:00
David Baker d4ca0c237a Specify ID grammar and add comma 2019-06-21 09:25:16 +01:00
David Baker 276e2b6843
Typo 
Co-Authored-By: Travis Ralston <travpc@gmail.com>
 2019-06-21 09:14:24 +01:00
David Baker cf48030d1f One more tradeoff 2019-06-20 17:48:21 +01:00
David Baker 32c7fc638d you have a number now 2019-06-20 17:44:28 +01:00
David Baker 23af87e9fc Proposal for IS & IM TOS API 2019-06-20 17:41:19 +01:00
Andrew Morgan 1343e19a6d Specify hash algorithm and fallback considerations 2019-06-20 14:36:47 +01:00
Andrew Morgan f28476f0f3 line wrap and fix wording 2019-06-19 16:29:24 +01:00
Andrew Morgan 3ee27d3818 salt->pepper. 1 pepper/is. add multi-hash idea 2019-06-19 15:14:30 +01:00
Andrew Morgan f41ed02c9e remove sec concerns 2019-06-18 17:22:30 +01:00
Andrew Morgan 6bb4a9e911 Add per-is salt consideration 2019-06-18 17:09:06 +01:00
Andrew Morgan 5049e552e7 Drop /api from the new endpoint 2019-06-18 17:05:46 +01:00
Andrew Morgan bc9b6c3659 Add salt to example and signal link 2019-06-18 17:03:49 +01:00
Andrew Morgan 063b9f60e0 Require a salt to defend against rainbow tables 2019-06-18 16:50:47 +01:00
Andrew Morgan d2b47a585d Allow for changing the hashing algo and add at-rest details 2019-06-18 16:37:02 +01:00