New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Verify all devices in channel #46
Comments
There is no option to verify all devices in a room but the verify and unverify command support the wildcard char * to select all users or all devices of a user. Also they arguments for the commands don't need to be exact, for example the command The command will print out the devices for which the verification state has changed. |
Ok. Thanks. Is this a deliberate design decision aligned with the Riot policy, or is it something that can be assessed for future addition? Or should this be implemented in some sort of other function in Weechat? The way I've worked this so far is that you build historic trust in the group using a channel. When a new person joins in, the historic devices/users are already verified by the existing users. I believe this will be prevalent when you get encrypted rooms with, say, more than 100 users - where you today would need to run 100 olm verify commands (and no-one would do that thoroughly anyways). |
It's actually against recommendations since you can verify devices insecurely in bulk. To make device verification easier device cross signing should be implemented in nio. Cross signing is currently being implemented in riot so it'll probably be a while before that gets added to nio. Verifying all room users could be added as a feature but since you already can verify an arbitrary subset of users in bulk I don't have any interest adding that myself. |
That is good enough for me. Thanks. |
thanks @poljar great job on the plugin <3 |
I don't think we should encourage users to verify devices in bulk since ignoring devices in bulk is now supported. Ignoring all devices in a room is as well supported, so closing this now. |
I looked through the command code but couldn't figure a way to verify all devices in a room. Is there currently a way to do this?
In encrypted rooms with more than a couple users, this becomes quite some labor - especially when devices has been verified previously and you just need to get a new baseline.
The text was updated successfully, but these errors were encountered: