If a server specifies multiple active verify keys, which one(s) are required to sign an object? #1471
Labels
A-S2S
Server-to-Server API (federation)
clarification
An area where the expected behaviour is understood, but the spec could do with being more explicit
Comments
turt2live
added
clarification
|
Yes, it's never made explicit, but for the record: it is sufficient for an object to be signed by any one active key. Additionally: neither https://spec.matrix.org/v1.6/server-server-api/#request-authentication nor https://spec.matrix.org/v1.6/server-server-api/#validating-hashes-and-signatures-on-received-events say anything about validity. Again for the record, the expectation is that:
... must lie within the validity period of the key used for the signature. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Link to problem area:
Issue
Nowhere do we actually say which of the server's keys have to sign a given message, though the general case is that a server has exactly 1 active (not-old) key in play.
The text was updated successfully, but these errors were encountered: