5b1ea4ffcb
Update proposals/2229-rebind-existing-3pid.md
...
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
2019-08-13 17:13:48 +01:00
cb1e3b8373
Take into account the 1 is case
2019-08-13 13:29:35 +01:00
f313b49c26
Add bind def.
2019-08-13 11:40:34 +01:00
be77b5823c
fix up
2019-08-13 11:24:37 +01:00
6ed0ae36ba
rename msc #
2019-08-13 11:12:04 +01:00
ed4d805d2f
flesh out
2019-08-13 11:11:22 +01:00
6330fff5a4
Draft for IS URL in account data
2019-08-12 18:13:58 +01:00
783fd78a6f
wip
2019-08-12 17:13:37 +01:00
353b6cd198
clarification
2019-08-12 13:12:18 +01:00
7ed5367516
clarifications, fix formatting
2019-08-10 14:14:30 -07:00
60cbc4567b
Addresses some of Andrew's comments
...
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
2019-08-09 11:21:39 +01:00
a171d5f6fd
Check for a state_key on the tombstone push rule
...
This is an oversight from the proposal.
2019-08-08 09:29:52 -06:00
3087c76452
Merge pull request #2134 from matrix-org/hs/hash-identity
...
MSC2134: Identity Hash Lookups
2019-08-07 19:48:36 -06:00
493bb062af
MSC2197: update with privacy perspective
...
Includes recommendations for client developers.
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
2019-08-05 09:50:24 +01:00
a71757f1ee
Merge pull request #2174 from matrix-org/rav/proposals/move_redacts_key
...
MSC2174: Move the `redacts` key to a sane place
2019-08-03 11:01:28 -06:00
3edf5e3c16
Make hashes real values
2019-08-02 11:25:28 +01:00
96e06b6f5f
Add line, britishise
2019-08-01 15:04:38 +01:00
3877724774
fix speeling
2019-08-01 15:01:05 +01:00
c401a4d47b
punctuation
2019-08-01 14:53:41 +01:00
acf8d34474
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
2019-08-01 14:51:42 +01:00
3789d828fd
Incorporate solution analysis from the context of attacks
2019-08-01 14:51:26 +01:00
36e43ee326
Rewrap lines in MSC2917 to 80 chars wide
...
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
2019-08-01 09:28:30 +01:00
80adbaff4c
switch to MSC1946 for storing recovery key
2019-07-31 16:38:20 -04:00
825757ffd8
add information about verifying backup by entering key
2019-07-31 16:37:54 -04:00
bd9efcdf53
add some information and an example
2019-07-31 16:22:24 -04:00
d47e13c6d9
this FIXME will be addressed in the key backup MSC
2019-07-31 16:20:55 -04:00
395d40314b
fix typos and make valid JSON
2019-07-31 16:20:39 -04:00
f989263872
MSC2181: Add an Error Code for Signaling a Deactivated User ( #2181 )
2019-07-31 13:14:02 +01:00
0c7c48bd12
MSC2175: Remove the `creator` field from `m.room.create` events ( #2175 )
...
Fixes #1193
2019-07-31 13:13:38 +01:00
33d22c3320
hashes are not stream ciphers
2019-07-31 11:47:03 +01:00
9913f5bc29
Slightly clarify pepper value
2019-07-31 11:16:58 +01:00
57de107ea9
Move medium back behind the address
2019-07-31 11:07:22 +01:00
f1f293678b
Apply suggestions from code review
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
Co-Authored-By: Kitsune Ral <Kitsune-Ral@users.sf.net>
2019-07-30 08:00:48 +01:00
4c22eb86b5
MSC for Search Filtering in Federation /publicRooms
...
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
2019-07-29 16:30:25 +01:00
c8527b7af8
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
2019-07-26 12:05:49 +01:00
4d1f2ea4f4
Apply suggestions from code review
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
2019-07-26 12:05:41 +01:00
6660768d85
Don't repeat fast hash bit
2019-07-26 12:04:17 +01:00
027c2d7260
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
2019-07-26 12:01:32 +01:00
a17c74f592
switch medium and address around, space between address and pepper
2019-07-26 12:00:53 +01:00
5580a2a1a9
Update proposals/2134-identity-hash-lookup.md
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
2019-07-26 11:40:38 +01:00
ffbfde8a09
Update proposals/2134-identity-hash-lookup.md
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
2019-07-26 11:40:20 +01:00
87a54e8d8d
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
2019-07-25 19:06:07 +01:00
6119b9a50d
*@hobnobbob.com is unlikely to be guessed
2019-07-25 19:05:49 +01:00
20c72a3649
Update proposals/2134-identity-hash-lookup.md
...
Co-Authored-By: David Baker <dbkr@users.noreply.github.com>
2019-07-25 18:56:17 +01:00
0ac70b268a
Clarify peppering should not happen on none algo
2019-07-25 18:55:57 +01:00
da876bb340
missing word
2019-07-25 18:54:02 +01:00
c6dd5951a1
Clients can cache the hash details if they want to
2019-07-25 18:53:32 +01:00
8f3e588708
pepper is not a secret val. Still needs to be around.
2019-07-24 15:27:48 +01:00
3b8c57e06c
Don't require servers/clients to support "none"
2019-07-23 16:43:55 +01:00
3031df79cc
Add example for none algo
2019-07-23 16:33:24 +01:00
9fd6bd3184
Add details about why this proposal should exist
2019-07-23 15:25:41 +01:00
b26a9ed1fd
Expand on why we can't trust dirty homeservers
2019-07-23 13:28:42 +01:00
577021f12b
resolve some comments
2019-07-23 11:48:01 +01:00
9e264fedc9
Updates
...
* preserve *all* of `create`
* don't preserve `notifications` or `algorithm`, and add some justifcation.
2019-07-22 16:47:49 +01:00
887cd5e7d0
I really hope someone doesn't invest none-hash
2019-07-22 16:00:29 +01:00
0444c8016b
review comments
2019-07-22 15:33:49 +01:00
4503327450
Add some compatibility hacks.
2019-07-22 15:17:52 +01:00
d324cac847
preserve powerlevel
2019-07-16 19:32:34 +01:00
b49a950245
Update proposals/2176-update-redaction-rules.md
...
fix typo
Co-Authored-By: Kitsune Ral <Kitsune-Ral@users.sf.net>
2019-07-16 19:26:02 +01:00
9ebcff5758
fix typo, add section on html details element
2019-07-16 17:11:07 +02:00
36cb8ed894
none -> m.none
2019-07-16 10:44:02 +01:00
1f786ae6dc
commit image into repo, fix typo
2019-07-15 20:52:24 +02:00
d9269b084f
Exclude pubkey endpoints from auth
2019-07-15 16:58:24 +01:00
a1de6ff634
Hopefully clarify some bits
2019-07-15 10:26:24 +01:00
cd5549d483
Proposal to update the redaction algorithm
2019-07-14 22:50:46 +01:00
b09d48a9f7
Spec link
2019-07-14 20:22:39 +01:00
78d46b2890
Proposal to move the `redacts` key to a sane place
2019-07-14 20:20:09 +01:00
25a47afa32
unnecessary capital mk. 2
...
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
2019-07-12 11:55:40 +01:00
6e061b1baf
unnecessary capital
...
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
2019-07-12 11:55:11 +01:00
f474b31f5f
typo
...
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
2019-07-12 11:54:45 +01:00
3514437d24
Ability for client/server to decide on no hashing
2019-07-12 11:37:41 +01:00
9bb6ad80d1
typo
2019-07-10 16:13:38 +01:00
ed67e26037
pepper must not be an empty string, append medium
2019-07-08 17:03:20 +01:00
1963a24832
fix attacks paragraph
2019-07-08 13:27:38 +01:00
dd8a6549c9
Address review comments
2019-07-08 11:55:37 +01:00
701d340da1
Remove exception for request/submitToken
2019-07-05 19:00:15 +01:00
bf8a1e5d5f
Add way to get the HS to bind/unbind existing 3pids
2019-07-05 18:11:42 +01:00
3702669424
update from comments
2019-07-05 15:59:29 +01:00
30dcc28f9b
try & clarify that HS signature isn't the only acceptable auth for unbind
2019-07-04 18:38:31 +01:00
f4a1e02884
simple method once more
2019-07-04 16:28:49 +01:00
4d31ddc8c9
additions and clarifications
...
- indicate how to use MSC 1946 to store/share private keys
- add signing by devices to enable migrating from device verifications
- add information about signature upload failures and M_INVALID_SIGNATURE code
- add security consideration
2019-07-03 15:09:06 -04:00
53bd384f2e
Clarify salting
2019-07-03 09:59:38 +01:00
3aaf181db2
rename some things and add clarification
2019-07-02 14:05:06 -04:00
1a669348d8
http status code
2019-07-02 11:27:46 +01:00
d15c9df115
fullstop
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
2019-07-02 11:25:26 +01:00
e28f7aad72
slash
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
2019-07-02 11:25:12 +01:00
4c72c37b80
slash
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
2019-07-02 11:24:51 +01:00
10858bf83b
set account data after registration
2019-07-02 11:22:41 +01:00
79dbad2914
remove acceptance token mention
2019-07-02 11:17:27 +01:00
ac6b9bdb7c
s/deprecate/remove/
2019-07-02 11:16:25 +01:00
7f65364804
Typo
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
2019-07-02 11:13:12 +01:00
03e6ab0103
re-word double openid
2019-07-02 11:11:50 +01:00
d00dfb7822
exclude submittoken too
2019-07-02 11:04:06 +01:00
f02e4c2e9c
both registers are excluded from auth
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
2019-07-02 11:00:39 +01:00
5374030cc0
Drop application/x-form-www-urlencoded in v2
2019-07-02 10:59:08 +01:00
2d11217d4e
Typo
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
2019-07-02 10:56:32 +01:00
8af35be13f
Typo
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
2019-07-02 10:56:12 +01:00
922a20ba26
small fixes
2019-07-01 16:30:07 +01:00
6f81d3774b
New hashing method
2019-07-01 16:23:28 +01:00
fe14d3c9f0
Spec terms response
2019-06-28 18:07:24 +01:00
786d5bc281
rewrite UI auth tradeoffs
2019-06-28 10:25:24 +01:00
45d630951c
back to M_TERMS_NOT_SIGNED
2019-06-28 09:32:15 +01:00
83bb3861ba
line wrap
2019-06-28 09:31:53 +01:00
8897ea4bb1
Merge branch 'master' into travis/msc/integrations/discovery
2019-06-27 21:56:23 -06:00
a2a7b7ff13
Merge branch 'master' into travis/msc/integrations/auth
2019-06-27 21:55:59 -06:00
bfd8e52c23
Formatting
2019-06-27 20:45:23 -06:00
d8283b9cdf
Add option to use query string
2019-06-27 20:44:49 -06:00
e80753e56c
Add .well-known discovery
2019-06-27 18:24:42 -06:00
4be283ccb3
Typing
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
2019-06-27 17:31:15 +01:00
f95197b422
make the many-anded sentence a list
2019-06-27 17:30:36 +01:00
10a6a59a12
Deprecate `bind_email` / `bind_msisdn`
2019-06-27 16:58:22 +01:00
b5326de1c4
Exclude requestToken endpoints from auth requirement
2019-06-27 16:34:46 +01:00
540aab82a1
accidentally formatted the wrong entry
2019-06-27 13:09:15 +02:00
6260871a21
spoiler fallback to uploaded media
2019-06-27 13:07:08 +02:00
21b9eaf8de
No custom HTTP headers
...
Use the obvious way: in the same place as the ID server address
2019-06-26 17:56:41 +01:00
2694bb1090
Add really horrible custom HTTP header
...
for giving the IS token to the HS
2019-06-26 17:41:21 +01:00
58cf083a6a
backwards compat
2019-06-26 15:31:11 +01:00
6273868323
Clarify v1 API deprecation
2019-06-26 15:29:24 +01:00
4edf826c93
Capitalise on our identifiers
2019-06-26 15:29:23 +01:00
ba7047ce77
Clarify we must be accepting HS auth
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
2019-06-26 14:51:11 +01:00
1d75828c71
Clarify what to do if no (new) docs
2019-06-26 14:45:25 +01:00
af691b5a8a
Clarify this applies to 2134
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
2019-06-26 14:37:06 +01:00
57094276ce
Typing hard is
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
2019-06-26 14:36:15 +01:00
7549c5dd76
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
2019-06-26 10:57:07 +01:00
0fd4fe2542
Add algo/pepper to err resp
2019-06-26 10:55:44 +01:00
dfb37fcce1
update with feedback
2019-06-25 18:55:18 +01:00
df88b13ce1
Update proposals/2134-identity-hash-lookup.md
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
2019-06-25 18:15:02 +01:00
9e0d8b9cb2
Use M_CONSENT_NOT_GIVEN
...
No idea where I got the other one from: we already have one in the
spec, so use it.
2019-06-25 17:17:39 +01:00
0dae2d5812
GET terms must be unauthed.
...
Detail process for new auth (don't register until consent given).
Specifically mention the authentication header.
2019-06-25 15:52:55 +01:00
4f83cc1c24
moved client spoiler conversion to potential issues
2019-06-25 16:19:29 +02:00
6f374dc981
Re-write for OpenID auth
2019-06-25 14:58:15 +01:00
2c09580e27
line wrap
2019-06-25 11:14:35 +01:00
96e43aaf45
Define what characters lookup_pepper can consist of
2019-06-25 10:37:45 +01:00
f951f312e1
Fix terrible wording
2019-06-25 10:30:29 +01:00
fae6883cc0
Update with review comments
2019-06-25 10:18:11 +01:00
0a4c83ddb9
no plural. 3pid -> 3PID
2019-06-24 17:54:23 +01:00
36a35a33cc
Clarify how the spec defines hashing algs
2019-06-24 16:59:58 +01:00
ee10576d60
Update with feedback
2019-06-24 15:43:19 +01:00
abb407145a
HS docs must be added too
...
also, unbind must not error when called by HSes and proxy terms token
2019-06-24 15:30:19 +01:00
8ae47557c9
s/Third Party/Accepted/
2019-06-24 15:22:19 +01:00
2555801458
m.third_party_terms -> m.accepted_terms
...
as it will have the HS's terms too
2019-06-24 14:56:48 +01:00
4ba9b2a599
perfix
2019-06-24 13:18:41 +01:00
a63e4420eb
Linkify
...
Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
2019-06-24 13:17:58 +01:00
02ac0f3b33
Give the user control!
2019-06-24 11:56:04 +01:00
acdb2b1b42
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
2019-06-24 11:47:53 +01:00
e3ff80291f
http err codes and hash wording fixes
2019-06-24 11:47:00 +01:00
21e93a123e
Naming and capitalization
2019-06-21 11:36:16 -06:00
53f025edfc
Specify optional pepper rotation period
2019-06-21 15:42:11 +01:00
2383a55720
404 for deprecated endpoint
2019-06-21 15:40:26 +01:00
c63edc7b97
Clean up wording around peppers and hashes
2019-06-21 14:12:50 +01:00
e3b2ad38b5
pepper -> lookup_pepper
2019-06-21 12:17:01 +01:00
1fea604ba9
Don't define error message
2019-06-21 11:32:23 +01:00
9ca3ccc81c
Add requirments section for de-duping between services.
2019-06-21 09:35:26 +01:00
d4ca0c237a
Specify ID grammar and add comma
2019-06-21 09:25:16 +01:00
276e2b6843
Typo
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
2019-06-21 09:14:24 +01:00
cf48030d1f
One more tradeoff
2019-06-20 17:48:21 +01:00
32c7fc638d
you have a number now
2019-06-20 17:44:28 +01:00
23af87e9fc
Proposal for IS & IM TOS API
2019-06-20 17:41:19 +01:00
1343e19a6d
Specify hash algorithm and fallback considerations
2019-06-20 14:36:47 +01:00
f28476f0f3
line wrap and fix wording
2019-06-19 16:29:24 +01:00
3ee27d3818
salt->pepper. 1 pepper/is. add multi-hash idea
2019-06-19 15:14:30 +01:00
f41ed02c9e
remove sec concerns
2019-06-18 17:22:30 +01:00
6bb4a9e911
Add per-is salt consideration
2019-06-18 17:09:06 +01:00
5049e552e7
Drop /api from the new endpoint
2019-06-18 17:05:46 +01:00
bc9b6c3659
Add salt to example and signal link
2019-06-18 17:03:49 +01:00
063b9f60e0
Require a salt to defend against rainbow tables
2019-06-18 16:50:47 +01:00
d2b47a585d
Allow for changing the hashing algo and add at-rest details
2019-06-18 16:37:02 +01:00
f8dbf2b360
Update proposals/2134-identity-hash-lookup.md
...
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2019-06-17 13:17:57 +01:00
12431f1a4e
Base64 potential issue
2019-06-15 13:29:59 +01:00
8b92df74ab
s/medium/address
2019-06-15 13:25:42 +01:00
a8c26d208b
Wrap
2019-06-15 12:43:20 +01:00
3eff76b00a
MSC 2134
2019-06-15 12:37:40 +01:00
26349417ba
update spoiler render idea
2019-06-11 21:13:16 +02:00
fc1d8f184d
Merge pull request #2078 from matrix-org/anoa/msc2078
...
MSC2078: Sending Third-Party Request Tokens via the Homeserver
2019-06-10 14:25:35 -06:00
65c3935419
Merge pull request #2076 from matrix-org/rav/proposal/enforce_key_validity_periods
...
MSC2076: Enforce key-validity periods when validating event signatures
2019-06-10 07:25:09 -06:00
19575eb4d4
Merge pull request #2077 from matrix-org/rav/proposal/room_v5
...
MSC2077: room v5
2019-06-10 07:24:41 -06:00
950415c72a
Merge branch 'master' into matthew/msc1779
2019-06-07 19:19:19 +01:00
be568ba9ab
link to the legalified version of MSC1779
2019-06-07 19:10:26 +01:00
9cf03325b9
Merge pull request #2046 from matrix-org/travis/1.0/msc1915-unbind
...
Spec 3PID unbind API
2019-06-07 07:33:33 -06:00
45e271c0f7
be super explicit
2019-06-07 13:29:22 +01:00
7f65704ebc
Update wording and answer review comments
2019-06-07 12:45:11 +01:00
3e23dde341
Be clear that any 3PID token request can now be done by the hs
2019-06-05 21:49:02 +01:00
9000247008
Merge branch 'anoa/msc2078' of github.com:matrix-org/matrix-doc into anoa/msc2078
...
* 'anoa/msc2078' of github.com:matrix-org/matrix-doc:
Update proposals/2078-homeserver-password-resets.md
2019-06-05 17:54:27 +01:00
d3f21e0360
Address review comments
2019-06-05 17:54:18 +01:00
e49518099d
Be explicit with request/responses
2019-06-05 17:37:09 +01:00
395acf8e06
Update proposals/2078-homeserver-password-resets.md
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
2019-06-05 15:58:14 +01:00
6bb48723e8
The HS can send any URL
2019-06-05 15:43:57 +01:00
6e0af5e64c
If no submit_url, just send it to the IS as before
2019-06-05 15:07:06 +01:00
4174b61279
submit_url only if the user has to enter the code somewhere
2019-06-05 14:50:40 +01:00
8259ae292a
Capitalise SMS
2019-06-05 14:39:36 +01:00
7e18c5d5a8
Add new submit_url response field
2019-06-05 14:38:16 +01:00
8cba7adcdf
Clarify conditions for attack
2019-06-05 13:52:02 +01:00
085c5667a4
wrap lines
2019-06-05 13:42:23 +01:00
1956f1a916
Revert "Remove attacker bit"
...
This reverts commit c9711acbc5
2019-06-05 12:59:58 +01:00
c9711acbc5
Remove attacker bit
2019-06-05 12:52:01 +01:00
4e692735f5
Update some wording
2019-06-05 11:25:26 +01:00
cf932ad4f8
msc2078 - proposal for homeservers sending passwords reset requests
2019-06-05 11:20:28 +01:00
40b10f254b
clarifications
2019-06-05 07:18:25 +01:00
3347a480eb
fix typo
2019-06-05 00:07:05 +01:00
d2ccd6b268
MSC2077: room v5
2019-06-04 23:53:42 +01:00
Andrew Morgan