@ -48,11 +48,17 @@ A key with ID `abcdefg` is stored in `m.secret_storage.key.abcdefg`
}
```
If a key has the `name` property set to `m.default`, then this key is treated as
the default key for the account. The default key is the one that all secrets
will be encrypted with, and that clients will try to use to decrypt data with,
unless the user specifies otherwise. Only one key can be marked as the default
at a time.
A key can be marked as the "default" key by setting the user's account_data
with event type `m.secret_storage.default_key` to the ID of the key. The
default key will be used to encrypet all secrets that the user would expect to
be available on all their clients. Unless the user specifies otherwise,
clients will try to use the default key to decrypt secrets.
Clients MUST ensure that the key is trusted before using it to encrypt secrets.
One way to do that is to have the client that creates the key sign the key
description (as signed JSON) using the user's master cross-signing key.
Another way to do that is to prompt the user to enter the passphrase and ensure
that the generated private key correponds to the public key.
#### Secret storage
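Review bot: In the paragraph starting "Clients MUST ensure that the key is trusted", the requirement covers only encryption and offers two optional checks ("One way", "Another way") without saying what a client does when neither succeeds. Because the default key ID is read from the user's account_data, the text should state that a client must not encrypt secrets with a key it cannot verify, and say whether the same check is expected before the default key is used for decryption. The `m.secret_storage.default_key` paragraph says the event is set "to the ID of the key" but does not name the content field that carries the ID; an example of the event content would remove the ambiguity. Minor: "encrypet" should be "encrypt", "correponds" should be "corresponds", and account_data should be in backticks like the other identifiers in this section.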