Specify optional pepper rotation period

pull/977/head
Andrew Morgan 6 years ago
parent 2383a55720
commit 53f025edfc

@ -34,9 +34,12 @@ value, and the resulting digest MUST be encoded in unpadded base64.
Identity servers must specify their own hashing algorithms (from a list of Identity servers must specify their own hashing algorithms (from a list of
specified values) and peppers, which will be useful if a rainbow table is specified values) and peppers, which will be useful if a rainbow table is
released for their current one. Identity servers could also set a timer for released for their current one. Identity servers could also set a timer for
rotating the pepper value to further impede rainbow table publishing. As such, rotating the pepper value to further impede rainbow table publishing (the
it must be possible for clients to be able to query what pepper an identity recommended period is every 30m, which should be enough for a client to
server requires before sending it hashes. A new endpoint must be added: complete the hashing of all of a user's contacts, but also be nowhere near as
long enough to create a sophisticated rainbow table). As such, it must be
possible for clients to be able to query what pepper an identity server
requires before sending it hashes. A new endpoint must be added:
``` ```
GET /_matrix/identity/v2/hash_details GET /_matrix/identity/v2/hash_details

Loading…
Cancel
Save