diff --git a/specification/30_server_server_api.rst b/specification/30_server_server_api.rst index 6362ef93..82952c06 100644 --- a/specification/30_server_server_api.rst +++ b/specification/30_server_server_api.rst @@ -556,6 +556,7 @@ Rejecting a presence invite:: Profiles -------- + The server API for profiles is based entirely on the following Federation Queries. There are no additional EDU or PDU types involved, other than the implicit ``m.presence`` and ``m.room.member`` events (see section below). @@ -576,3 +577,4 @@ If the query contains the optional ``field`` key, it should give the name of a result field. If such is present, then the result should contain only a field of that name, with no others present. If not, the result should contain as much of the user's profile as the home server has available and can make public. + diff --git a/specification/31_event_signing.rst b/specification/31_event_signing.rst index 81914a9e..12c89adb 100644 --- a/specification/31_event_signing.rst +++ b/specification/31_event_signing.rst @@ -2,7 +2,7 @@ Signing Events ============== Canonical JSON -~~~~~~~~~~~~~~ +-------------- Matrix events are represented using JSON objects. If we want to sign JSON events we need to encode the JSON as a binary string. Unfortunately the same @@ -38,7 +38,7 @@ using this representation. ).encode("UTF-8") Grammar -+++++++ +~~~~~~~ Adapted from the grammar in http://tools.ietf.org/html/rfc7159 removing insignificant whitespace, fractions, exponents and redundant character escapes @@ -69,14 +69,14 @@ insignificant whitespace, fractions, exponents and redundant character escapes / %x75.30.30.31 (%x30-39 / %x61-66) ; u001X Signing JSON -~~~~~~~~~~~~ +------------ We can now sign a JSON object by encoding it as a sequence of bytes, computing the signature for that sequence and then adding the signature to the original JSON object. Signing Details -+++++++++++++++ +~~~~~~~~~~~~~~~ JSON is signed by encoding the JSON object without ``signatures`` or keys grouped as ``unsigned``, using the canonical encoding described above. The JSON bytes are then signed using the @@ -133,7 +133,7 @@ and additional signatures. return json_object Checking for a Signature -++++++++++++++++++++++++ +~~~~~~~~~~~~~~~~~~~~~~~~ To check if an entity has signed a JSON object a server does the following @@ -151,7 +151,7 @@ To check if an entity has signed a JSON object a server does the following the check fails. Otherwise the check succeeds. Signing Events -~~~~~~~~~~~~~~ +============== Signing events is a more complicated process since servers can choose to redact non-essential parts of an event. Before signing the event it is encoded as