|
|
@ -71,21 +71,21 @@ denny@example.com
|
|
|
|
```
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
The client will hash each 3PID as a concatenation of the medium and address,
|
|
|
|
The client will hash each 3PID as a concatenation of the medium and address,
|
|
|
|
separated by a space and a pepper appended to the end. Note that phone
|
|
|
|
separated by a space and a pepper, also separated by a space, appended to the
|
|
|
|
numbers should be formatted as defined by
|
|
|
|
end. Note that phone numbers should be formatted as defined by
|
|
|
|
https://matrix.org/docs/spec/appendices#pstn-phone-numbers, before being
|
|
|
|
https://matrix.org/docs/spec/appendices#pstn-phone-numbers, before being
|
|
|
|
hashed). Note that "pepper" in this proposal simply refers to a public,
|
|
|
|
hashed). Note that "pepper" in this proposal simply refers to a public,
|
|
|
|
opaque string that is used to produce different hash results between identity
|
|
|
|
opaque string that is used to produce different hash results between identity
|
|
|
|
servers. Its value is not secret.
|
|
|
|
servers. Its value is not secret.
|
|
|
|
|
|
|
|
|
|
|
|
First the client must append the medium to the address:
|
|
|
|
First the client must prepend the medium (plus a space) to the address:
|
|
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
```
|
|
|
|
"alice@example.com" -> "alice@example.com email"
|
|
|
|
"alice@example.com" -> "email alice@example.com"
|
|
|
|
"bob@example.com" -> "bob@example.com email"
|
|
|
|
"bob@example.com" -> "email bob@example.com"
|
|
|
|
"carl@example.com" -> "carl@example.com email"
|
|
|
|
"carl@example.com" -> "email carl@example.com"
|
|
|
|
"+1 234 567 8910" -> "12345678910 msisdn"
|
|
|
|
"+1 234 567 8910" -> "msisdn 12345678910"
|
|
|
|
"denny@example.com" -> "denny@example.com email"
|
|
|
|
"denny@example.com" -> "email denny@example.com"
|
|
|
|
```
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
Hashes must be peppered in order to reduce both the information an identity
|
|
|
|
Hashes must be peppered in order to reduce both the information an identity
|
|
|
@ -110,14 +110,15 @@ being returned for other endpoints in the future. The contents of
|
|
|
|
hashing is being performed or not. When no hashing is occuring, a pepper
|
|
|
|
hashing is being performed or not. When no hashing is occuring, a pepper
|
|
|
|
value of at least length 1 is still required.
|
|
|
|
value of at least length 1 is still required.
|
|
|
|
|
|
|
|
|
|
|
|
If hashing, the client appends the pepper to the end of the 3PID string.
|
|
|
|
If hashing, the client appends the pepper to the end of the 3PID string,
|
|
|
|
|
|
|
|
after a space.
|
|
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
```
|
|
|
|
"alice@example.com email" -> "alice@example.com emailmatrixrocks"
|
|
|
|
"alice@example.com email" -> "email alice@example.com matrixrocks"
|
|
|
|
"bob@example.com email" -> "bob@example.com emailmatrixrocks"
|
|
|
|
"bob@example.com email" -> "email bob@example.com matrixrocks"
|
|
|
|
"carl@example.com email" -> "carl@example.com emailmatrixrocks"
|
|
|
|
"carl@example.com email" -> "email carl@example.com matrixrocks"
|
|
|
|
"12345678910 msdisn" -> "12345678910 msisdnmatrixrocks"
|
|
|
|
"12345678910 msdisn" -> "msisdn 12345678910 matrixrocks"
|
|
|
|
"denny@example.com email" -> "denny@example.com emailmatrixrocks"
|
|
|
|
"denny@example.com email" -> "email denny@example.com matrixrocks"
|
|
|
|
```
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
Clients can cache the result of this endpoint, but should re-request it
|
|
|
|
Clients can cache the result of this endpoint, but should re-request it
|
|
|
@ -184,11 +185,11 @@ performed, the client sends each hash in an array.
|
|
|
|
```
|
|
|
|
```
|
|
|
|
NOTE: Hashes are not real values
|
|
|
|
NOTE: Hashes are not real values
|
|
|
|
|
|
|
|
|
|
|
|
"alice@example.com emailmatrixrocks" -> "y_TvXLKxFT9CURPXI1wvfjvfvsXe8FPgYj-mkQrnszs"
|
|
|
|
"email alice@example.com matrixrocks" -> "y_TvXLKxFT9CURPXI1wvfjvfvsXe8FPgYj-mkQrnszs"
|
|
|
|
"bob@example.com emailmatrixrocks" -> "r0-6x3rp9zIWS2suIque-wXTnlv9sc41fatbRMEOwQE"
|
|
|
|
"email bob@example.com matrixrocks" -> "r0-6x3rp9zIWS2suIque-wXTnlv9sc41fatbRMEOwQE"
|
|
|
|
"carl@example.com emailmatrixrocks" -> "ryr10d1K8fcFVxALb3egiSquqvFAxQEwegXtlHoQFBw"
|
|
|
|
"email carl@example.com matrixrocks" -> "ryr10d1K8fcFVxALb3egiSquqvFAxQEwegXtlHoQFBw"
|
|
|
|
"12345678910 msisdnmatrixrocks" -> "c_30UaSZhl5tyanIjFoE1IXTmuU3vmptEwVOc3P2Ens"
|
|
|
|
"msisdn 12345678910 matrixrocks" -> "c_30UaSZhl5tyanIjFoE1IXTmuU3vmptEwVOc3P2Ens"
|
|
|
|
"denny@example.com emailmatrixrocks" -> "bxt8rtRaOzMkSk49zIKE_NfqTndHvGbWHchZskW3xmY"
|
|
|
|
"email denny@example.com matrixrocks" -> "bxt8rtRaOzMkSk49zIKE_NfqTndHvGbWHchZskW3xmY"
|
|
|
|
|
|
|
|
|
|
|
|
POST /_matrix/identity/v2/lookup
|
|
|
|
POST /_matrix/identity/v2/lookup
|
|
|
|
|
|
|
|
|
|
|
@ -238,11 +239,11 @@ lookup pepper, as no hashing will occur. Appending a space and the 3PID
|
|
|
|
medium to each address is still necessary:
|
|
|
|
medium to each address is still necessary:
|
|
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
```
|
|
|
|
"alice@example.com" -> "alice@example.com email"
|
|
|
|
"alice@example.com" -> "email alice@example.com"
|
|
|
|
"bob@example.com" -> "bob@example.com email"
|
|
|
|
"bob@example.com" -> "email bob@example.com"
|
|
|
|
"carl@example.com" -> "carl@example.com email"
|
|
|
|
"carl@example.com" -> "email carl@example.com"
|
|
|
|
"12345678910" -> "12345678910 msisdn"
|
|
|
|
"+1 234 567 8910" -> "msisdn 12345678910"
|
|
|
|
"denny@example.com" -> "denny@example.com email"
|
|
|
|
"denny@example.com" -> "email denny@example.com"
|
|
|
|
```
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
The client then sends these off to the identity server in a `POST` request to
|
|
|
|
The client then sends these off to the identity server in a `POST` request to
|
|
|
@ -253,11 +254,11 @@ POST /_matrix/identity/v2/lookup
|
|
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
{
|
|
|
|
"addresses": [
|
|
|
|
"addresses": [
|
|
|
|
"alice@example.com email",
|
|
|
|
"email alice@example.com",
|
|
|
|
"bob@example.com email",
|
|
|
|
"email bob@example.com",
|
|
|
|
"carl@example.com email",
|
|
|
|
"email carl@example.com",
|
|
|
|
"12345678910 msisdn",
|
|
|
|
"msisdn 12345678910",
|
|
|
|
"denny@example.com email"
|
|
|
|
"email denny@example.com"
|
|
|
|
],
|
|
|
|
],
|
|
|
|
"algorithm": "none",
|
|
|
|
"algorithm": "none",
|
|
|
|
"pepper": "matrixrocks"
|
|
|
|
"pepper": "matrixrocks"
|
|
|
@ -276,8 +277,8 @@ it has that correspond to these 3PID addresses, and returns them:
|
|
|
|
```
|
|
|
|
```
|
|
|
|
{
|
|
|
|
{
|
|
|
|
"mappings": {
|
|
|
|
"mappings": {
|
|
|
|
"alice@example.com email": "@alice:example.com",
|
|
|
|
"email alice@example.com": "@alice:example.com",
|
|
|
|
"12345678910 msisdn": "@fred:example.com"
|
|
|
|
"msisdn 12345678910": "@fred:example.com"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
```
|
|
|
|
```
|
|
|
|