From 825757ffd8c9f38f588b4d6dadf0a826675ff601 Mon Sep 17 00:00:00 2001
From: Hubert Chathi <hubert@uhoreg.ca>
Date: Wed, 31 Jul 2019 16:37:54 -0400
Subject: [PATCH] add information about verifying backup by entering key

---
 proposals/1219-storing-megolm-keys-serverside.md | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/proposals/1219-storing-megolm-keys-serverside.md b/proposals/1219-storing-megolm-keys-serverside.md
index 09ded1cd..e1ff0740 100644
--- a/proposals/1219-storing-megolm-keys-serverside.md
+++ b/proposals/1219-storing-megolm-keys-serverside.md
@@ -493,7 +493,10 @@ key backup.  This proposal does not attempt to protect against that.
 An attacker who gains access to a user's account can create a new backup
 version using a key that they control.  For this reason, clients SHOULD confirm
 with users before sending keys to a new backup version or verify that it was
-created by a trusted device by checking the signature.
+created by a trusted device by checking the signature.  One way to confirm the
+new backup version if the signature cannot be checked is by asking the user to
+enter the recovery key, and confirming that the backup's public key matches
+what is expected.
 
 Other Issues
 ------------