Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Share device verification/blocking status between our own devices #2537

Closed
richvdh opened this issue Nov 3, 2016 · 7 comments
Closed

Share device verification/blocking status between our own devices #2537

richvdh opened this issue Nov 3, 2016 · 7 comments
Labels
A-E2EE P2 T-Enhancement X-Needs-Community-Testing

Comments

@richvdh
Copy link
Member

richvdh commented Nov 3, 2016

We could use the account data for this, but we'd need to do some signing to stop it being forged
@richvdh richvdh added the A-E2EE label Nov 3, 2016
@richvdh richvdh mentioned this issue Dec 5, 2016
Closed
@richvdh richvdh mentioned this issue Feb 8, 2017
Closed
@Torxed
Copy link

Torxed commented Feb 9, 2017

Could you use the existing message e2e encryption method and just send a encrypted file containing a \n separated list of trusted keys?

That way you don't break the message protocol and you get the e2e protection assuming you've verified at least your own two keys?

@helmo
Copy link

helmo commented Feb 27, 2017

element-hq/element-meta#647 is about sharing keys for chat history, but has the concept of asking another user/device for keys.

"Matthew has added a new device 'iPad' and is requesting room history since Sept 18th. Do you want to share history?" ref

For this issue what about a message to your older devices when you add a new one: "You just logged in width a new device, do you want to share encryption keys for your history with this new device?"

And in return on the new device: "On other devices you have verified the keys of some contacts, would you like to trust the same ones on this device?"

@richvdh richvdh mentioned this issue Mar 14, 2017
Closed
@ara4n ara4n mentioned this issue Mar 19, 2017
Open
@ara4n
Copy link
Member

ara4n commented May 5, 2017

Just discussed this IRL with @richvdh; we kicked around the idea of just storing the verification state in a megolm room rather than finding another way to share encrypted JSON between our devices. We'd want to encrypt the verification data as well as sign it from a privacy perspective. Conclusion was that this is really a refinement of improving the verification UX and we should come back to it once focusing on improving verification.

@marekjedrzejewski
Copy link
Contributor

Verification process has been improved, but but there's still no synchronization of verified devices.
Even for single private room it was quite painful (I'm using 5 devices + 3 devices for the other side, even using the old method for devices I already verified on other devices, there was a lot of clicking).
Is this anywhere on the horizon, or has been forgotten?

@uhoreg
Copy link
Member

uhoreg commented Feb 1, 2020

We now partially have this on the verification side, with cross-signing. But we don't share blocking status yet.

@kittykat
Copy link
Contributor

We now share blocked user status between devices so I will close this issue for now. If the issue is about another type of blocking, please update with more details and re-open.

@aaronraimist
Copy link
Collaborator

This issue isn't about the ignore user feature. It was about the blacklist feature which allowed you to stop sending encrypted messages to specific devices. That feature no longer exists but maybe will come back in the future #11751.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-E2EE P2 T-Enhancement X-Needs-Community-Testing
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
9 participants
@kittykat @helmo @jryans @Torxed @uhoreg @ara4n @richvdh @aaronraimist @marekjedrzejewski