Proposal for storing megolm keys serverside #1219

Closed
benparsons opened this issue May 10, 2018 · 10 comments

@benparsons benparsons commented May 10, 2018

Documentation: #1538
Author: @ara4n, @uhoreg
Date: 23/11/2017


@uhoreg uhoreg commented Aug 13, 2018

The API was designed for option 1, and mostly works for option 2, but it seems like the /room_keys/version API could work better with the PK encryption, and doesn't seem to support the "Verifying the device [new] with an existing device, so the device gets a copy of the recovery-key public key, and can start backing up into the same session" use case.

I think one way to support that is to have the client use the version API to upload the public key for the backup, signed with the device's signing key, along with the device ID. When a new device signs in and wants to back up to that version, then it prompts the user to verify one of the devices that signed the public key. Once the device has been verified, the new device can sign the public key and upload its signature, so that newer devices can check the public key by verifying that device. (Alternatively, we could integrate with the cross-signing data somehow, so that we don't need multiple signatures.)

I think most of this (other than uploading other signatures) can be done with the existing API by changing the contents of the auth_data.
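The signature chain proposed in the comment above, sketched as an added example that is not part of the thread or of any Matrix implementation. It assumes Ed25519 device keys and a hypothetical `auth_data` shape (`public_key` plus `signatures` keyed by device ID); all keys and device IDs are constructed.

```javascript
// Added example: constructed keys and data; field names are assumptions.
// Simplification: devices sign the raw public-key string, not a canonical form.
const { generateKeyPairSync, sign, verify } = require('node:crypto');

// A device endorses the backup public key by signing it and adding the
// signature to auth_data under its own device ID.
function addSignature(authData, deviceId, privateKey) {
  const sig = sign(null, Buffer.from(authData.public_key), privateKey);
  return { ...authData,
    signatures: { ...authData.signatures, [deviceId]: sig.toString('base64') } };
}

// Device IDs whose signature on the backup key is valid AND whose Ed25519 key
// the local user has already verified (verifiedKeys: Map of deviceId -> key).
// An empty result means the backup key must not be used yet.
function trustedSigners(authData, verifiedKeys) {
  const payload = Buffer.from(authData.public_key);
  return Object.entries(authData.signatures || {})
    .filter(([id, sig]) => verifiedKeys.has(id) &&
      verify(null, payload, verifiedKeys.get(id), Buffer.from(sig, 'base64')))
    .map(([id]) => id);
}

function demo() {
  const a = generateKeyPairSync('ed25519'); // first device, creates the backup
  const b = generateKeyPairSync('ed25519'); // second device
  const x = generateKeyPairSync('ed25519'); // key the user never verified
  const fresh = { public_key: 'CONSTRUCTED-BACKUP-KEY', signatures: {} };
  let auth = addSignature(fresh, 'DEVICE_A', a.privateKey);
  // B has verified A, so it accepts the key and then adds its own signature.
  const seenByB = trustedSigners(auth, new Map([['DEVICE_A', a.publicKey]]));
  auth = addSignature(auth, 'DEVICE_B', b.privateKey);
  // A later device C that verified only B can now accept the same key.
  const seenByC = trustedSigners(auth, new Map([['DEVICE_B', b.publicKey]]));
  // auth_data whose public key no longer matches what was signed is rejected.
  const all = new Map([['DEVICE_A', a.publicKey], ['DEVICE_B', b.publicKey]]);
  const changedKey = trustedSigners({ ...auth, public_key: 'OTHER-KEY' }, all);
  // A signature filed under DEVICE_A but made with another key is rejected,
  // and a valid signature from a device nobody verified counts for nothing.
  const mislabelled = trustedSigners(addSignature(fresh, 'DEVICE_A', x.privateKey), all);
  const unverified = trustedSigners(addSignature(auth, 'DEVICE_X', x.privateKey),
    new Map([['DEVICE_A', a.publicKey]]));
  return { seenByB, seenByC, changedKey, mislabelled, unverified };
}

console.log(demo());
```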

@ara4n ara4n added this to To do (general backlog) in August 2018 r0 via automation Sep 15, 2018
@turt2live turt2live moved this from To do (general backlog) to To do: server-server (prioritized) in August 2018 r0 Oct 1, 2018
@uhoreg uhoreg added the e2e label Apr 1, 2019

@uhoreg uhoreg commented Sep 10, 2019

@mscbot fcp merge


@mscbot mscbot commented Sep 10, 2019

Team member @uhoreg has proposed to merge this. The next step is review by the rest of the tagged people:

No concerns currently listed.

Once at least 75% of reviewers approve (and none object), this will enter its final comment period. If you spot a major issue that hasn't been raised at any point in this process, please speak up!

See this document for info about what commands tagged team members can give me.


@mscbot mscbot commented Oct 24, 2019

🔔 This is now entering its final comment period, as per the review above. 🔔


@mscbot mscbot commented Oct 29, 2019

The final comment period, with a disposition to merge, as per the review above, is now complete.


@turt2live turt2live commented Oct 29, 2019

This issue should remain open because it is under the legacy process - we'll close it when the spec PR has been merged.


@turt2live turt2live commented Oct 29, 2019

@uhoreg if you have proofs of implementation, please link to them here.

@turt2live turt2live added this to Implementation stages in Client-server r0.6 proposals Oct 29, 2019

@uhoreg uhoreg commented Oct 29, 2019

Synapse implementation: mainly in matrix-org/synapse#4019, with some bits in matrix-org/synapse#4123, matrix-org/synapse#4580, matrix-org/synapse#6189, and matrix-org/synapse#5858 (the last one needs a bit of tweaking yet)
JS-SDK implementation: mainly in matrix-org/matrix-js-sdk#736 with a bit in matrix-org/matrix-js-sdk#786

@turt2live turt2live moved this from Implementation stages to Needs spec in Client-server r0.6 proposals Oct 29, 2019

@turt2live turt2live commented Dec 16, 2019

Spec PR: #2387


@uhoreg uhoreg commented Jun 2, 2020

Merged! 🎉

@uhoreg uhoreg closed this Jun 2, 2020