Skip to content
This repository has been archived by the owner on May 6, 2020. It is now read-only.

key backup: Trust on Decrypt #257

Closed
3 tasks done
manuroe opened this issue Feb 5, 2019 · 2 comments
Closed
3 tasks done

key backup: Trust on Decrypt #257

manuroe opened this issue Feb 5, 2019 · 2 comments
Labels
e2e feature web

Comments

@manuroe
Copy link
Member

manuroe commented Feb 5, 2019
edited
Loading

Trust a backup if the user is able to recover/decrypt keys from it.

With cross-signing, Trust on Decrypt will be not required as key backups will be created with 2 signatures:

  • the device signature
  • the cross-signing Self-Signed Key

As this SSK will be shared across all cross-signed devices, all these device will trust the key backup.

Without cross-signing, as discussed here, one solution is to add a signature to the key backup from the device on which the recovery/decryption succeeds.
But this new behaviour requires:

  • Spec update to add a new endpoint (PUT /room_keys/version/{version})
  • Server implementation
  • Client implementation
This was referenced Feb 5, 2019
Closed
Closed
@manuroe manuroe closed this as completed Feb 5, 2019
@manuroe manuroe reopened this Feb 5, 2019
@manuroe
Copy link
Member Author

manuroe commented Feb 6, 2019

Spec proposal: uhoreg/matrix-doc#1

@manuroe
Copy link
Member Author

manuroe commented Feb 12, 2019

Server part done in matrix-org/synapse#4580

@manuroe manuroe closed this as completed Apr 9, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
e2e feature web
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@manuroe