We should do a better job of explaining homeservers signing requests #498
Labels
A-S2S
Server-to-Server API (federation)
clarification
An area where the expected behaviour is understood, but the spec could do with being more explicit
Comments
turt2live
added
clarification
|
For the record, the algorithm used in the IS is the same as that in the S2S API (see https://matrix.org/docs/spec/server_server/r0.1.4#request-authentication). That means that any implementation capable of receiving such requests needs to be capable of retrieving the requesting server's signing keys, which in turn means implementing the federation routing algorithm, complete with SRV lookup. |
richvdh
added
A-S2S
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Now that we have multiple APIs which can be signed outside of s2s, we should generalize the concept
The text was updated successfully, but these errors were encountered: