Conversation
| some company could make a signature for a "Trust Management" team of a company, and thus, if you can | ||
| verify those signatures, you can know if people in said company are trusted. | ||
|
|
||
| In short, there are many reasons for having custom signatures attached to ones (master)key, but currently |
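Review bot: the first paragraph of this excerpt makes trust conditional on "if you can verify those signatures" without saying, in these lines, how a client learns which signing key belongs to the company's "Trust Management" team; state that here or say explicitly that it is out of scope for this MSC. In the last line, "ones (master)key" should read "one's (master) key".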
How should clients interpret these signatures? UX could get super fragmented if some clients know to trust clients based on understanding the specific signature, but others don't. Or is the idea that they write the trust data into cross-signing trust?
This MSC basically proposes a way for custom signatures, similarly to how you can send custom events to a room. If a client does not know whatever custom event you are sending, it doesn't know what to do with it (and typically ignores it). Same would go for signatures.
Future MSCs can build on top of this and spec certain signatures with m., then.
> Or is the idea that they write the trust data into cross-signing trust?
A client could do that (if a signature of a master key is valid, sign it with their own user-signing key), however that sounds like an implementation detail.
It would also be thinkable in a UI to have like a green shield with a question mark, and if you tap it, it displays like "This user is verified via xyz, trust this?" and, after you say yes, you sign their master key and the shield becomes fully green.
|
|
||
| It isn't always possible to meet up in a safe environment to verify the person you are communicating | ||
| with. Instead, you might want to trust a PGP signature of someone's master key, some official company | ||
| signature, a national ID signature or many more. |
I'm trying to imagine how this would work with a typical identity smartcard which has a keypair in it. Would we rely on that smartcard being able to sign arbitrary data? Or I'm wondering if there's an alternative approach possible for cards which can't sign, but can only authenticate (e.g. as a TLS client key)?
This MSC does not cover specific signing methods.
> Would we rely on that smartcard being able to sign arbitrary data?
Basically yes.
E.g. in Europe (all?) new national IDs have eIDAS which could be used to sign your own master key.
Rendered
Signed-Off-By: Sorunome <sorunome@famedly.com>