diff --git a/content/client-server-api/modules/end_to_end_encryption.md b/content/client-server-api/modules/end_to_end_encryption.md index 2c9863e4..ce8e6344 100644 --- a/content/client-server-api/modules/end_to_end_encryption.md +++ b/content/client-server-api/modules/end_to_end_encryption.md @@ -602,24 +602,27 @@ package naming convention. At any point the interactive verification can go wrong. The following describes what to do when an error happens: -- Alice or Bob can cancel the verification at any time. An - [`m.key.verification.cancel`](#mkeyverificationcancel) message must be sent to signify the - cancellation. -- The verification can time out. Clients should time out a verification that - does not complete within 10 minutes. Additionally, clients should expire a - `transaction_id` which goes unused for 10 minutes after having last - sent/received it. The client should inform the user that the verification - timed out, and send an appropriate `m.key.verification.cancel` message to - the other device. -- When the same device attempts to initiate multiple verification attempts, - the recipient should cancel all attempts with that device. -- When a device receives an unknown `transaction_id`, it should send an - appropriate `m.key.verification.cancel` message to the other device - indicating as such. This does not apply for inbound - `m.key.verification.request` or `m.key.verification.cancel` messages. -- If the device receives a message out of sequence or that it was not - expecting, it should notify the other device with an appropriate - `m.key.verification.cancel` message. +- Alice or Bob can cancel the verification at any time. An + [`m.key.verification.cancel`](#mkeyverificationcancel) message must be sent to + signify the cancellation. +- The verification can time out. Clients should time out a verification that + does not complete within 10 minutes. Additionally, clients should expire a + `transaction_id` which goes unused for 10 minutes after having last + sent/received it. The client should inform the user that the verification + timed out, and send an appropriate + [`m.key.verification.cancel`](#mkeyverificationcancel) message to the other + device. +- When the same device attempts to initiate multiple verification attempts, + the recipient should cancel all attempts with that device. +- When a device receives an unknown `transaction_id`, it should send an + appropriate [`m.key.verification.cancel`](#mkeyverificationcancel) message to + the other device indicating as such. This does not apply for inbound + [`m.key.verification.request`](#mkeyverificationrequest), + [`m.key.verification.start`](#mkeyverificationstart), or + [`m.key.verification.cancel`](#mkeyverificationcancel) messages. +- If the device receives a message out of sequence or that it was not expecting, + it should notify the other device with an appropriate + [`m.key.verification.cancel`](#mkeyverificationcancel) message. ##### Short Authentication String (SAS) verification