- do not use the term 'cross-signing keys' anymore: Previously, the term 'cross-signing keys' was used to refer to the master, user-signing and self-signing keys. This is not ideal since the master key is used for cross-signing but may also be used to sign the backup key, for example. In these contexts, the master key is not used for cross-signing. The term 'cross-signing keys' has therefore been replaced by 'keys used for cross-signing' or, more explicitly, by 'master, user-signing and self-signing key'. - the naming of the master key has been harmonised (no more 'master cross-signing key' or 'master signing keys'). Also the abbr. 'MSK' has been replaced by 'MK'. - in the QR code example, the term 'cross-signing key' has been replaced by 'master key' since in mode 0x00, the current user's own master key and what the device thinks the other user's master key is are used. - it has been made more explicit that private keys used for cross-signing that are stored on the server are stored as described in the secrets module (as opposed to storing them in unencrypted form) Signed-off-by: codedust <codedust@so.urceco.de>
# Copyright 2020 The Matrix.org Foundation C.I.C.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
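# Schema for a single public key used for cross-signing, together with the
# user it belongs to, its declared usage and (optionally) signatures over it.
type: object
title: CrossSigningKey
description: Key used for cross signing
properties:
  user_id:
    type: string
    description: |-
      The ID of the user the key belongs to.
    example: "@alice:example.com"
  # Each entry must be one of the three values listed in `enum`.
  usage:
    type: array
    description: |-
      What the key is used for.
    items:
      type: string
      enum: ["master", "self_signing", "user_signing"]
  # minProperties/maxProperties together enforce the "exactly one property"
  # rule from the description.
  # NOTE(review): the schema only constrains the value to be a string; nothing
  # here checks that the property name has the `<algorithm>:<key>` form or that
  # the key embedded in the name equals the value. A consumer that relies on
  # either has to check it itself.
  keys:
    type: object
    additionalProperties:
      type: string
    description: |-
      The public key. The object must have exactly one property, whose name is
      in the form `<algorithm>:<unpadded_base64_public_key>`, and whose value
      is the unpadded base64 public key.
    minProperties: 1
    maxProperties: 1
    example:
      "ed25519:alice+base64+public+key": "alice+base64+public+key"
  # `signatures` is deliberately absent from `required` below: the description
  # makes it optional for the master key.
  # NOTE(review): the rule that every other key must be signed by the user's
  # master key is stated in prose only. Schema validation neither requires the
  # property for those keys nor verifies any signature, so a document that
  # passes this schema has not had its signatures checked.
  signatures:
    type: object
    title: Signatures
    description: |-
      Signatures of the key, calculated using the process described at [Signing JSON](/appendices/#signing-json).
      Optional for the master key. Other keys must be signed by the
      user's master key.
    example:
      "@alice:example.com":
        "ed25519:alice+base64+master+key": "signature+of+key"
required:
  - user_id
  - usage
  - keys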