Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Commit

Permalink
Add docs for an empty trusted_key_servers config option (#13999)
Browse files Browse the repository at this point in the history
* Add docs for an empty `trusted_key_servers` config option

* small rewording

* Tweak changelog
  • Loading branch information
dklimpel authored Oct 28, 2022
1 parent aa70556 commit 44f0d57
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 0 deletions.
1 change: 1 addition & 0 deletions changelog.d/13999.doc
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Explain how to disable the use of `trusted_key_servers`.
6 changes: 6 additions & 0 deletions docs/usage/configuration/config_documentation.md
Original file line number Diff line number Diff line change
Expand Up @@ -2681,6 +2681,12 @@ is still supported for backwards-compatibility, but it is deprecated.
warning on start-up. To suppress this warning, set
`suppress_key_server_warning` to true.

If the use of a trusted key server has to be deactivated, e.g. in a private
federation or for privacy reasons, this can be realised by setting
an empty array (`trusted_key_servers: []`). Then Synapse will request the keys
directly from the server that owns the keys. If Synapse does not get keys directly
from the server, the events of this server will be rejected.

Options for each entry in the list include:
* `server_name`: the name of the server. Required.
* `verify_keys`: an optional map from key id to base64-encoded public key.
Expand Down

0 comments on commit 44f0d57

Please sign in to comment.