Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add option to force disable all E2EE stuff on Matrix homeserver #8

Open
MurzNN opened this issue Jun 2, 2020 · 1 comment
Open

Comments

@MurzNN
Copy link

MurzNN commented Jun 2, 2020

When Synapse implement E2EE features, there are still no ways to disable all E2EE stuff on per-server level, here is issue about this matrix-org/synapse#4401. For example, some corporate instances need that all messages will be available on server, so want to force disable all abilities to encrypt messages.

Before this will fixed in Synapse (and SPEC), for solve this problem will be good to implement some middleware in Matrix Corporal, that will stop all client-server messages, related to using E2EE stuff.

Is this possible and hard to implement via current Matrix Corporal features?

@spantaleev
Copy link
Member

It should be possible to intercept and reject certain endpoints (/key related APIs) and also prevent sending of some room messages (at least submitted from users on your server) which pertain to enabling encryption.

While possible, it's not really a single thing to intercept and block, so it is a little complicated. For now, I'm refraining from chasing these various things and working on such a feature. It should be possible though. And if there's demand or someone willing to work on it, that'd be nice.

Hopefully a Synapse feature will land, which would let people disable it there, so we wouldn't have to bother.

For completeness, I should mention that besides the Synapse thing, there's also a way to tell Riot clients to avoid E2EE (see element-hq/element-web#13914 and element-hq/element-web#13705). Of course, this only works with Riot and is more of a hint and not something that gets enforced.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants