fix sectioning and add a background

pull/977/head
Hubert Chathi 6 years ago
parent 2d3b5f4481
commit e9aa4081bc

@ -1,8 +1,22 @@
# Background
# Cross-signing devices with master keys
FIXME: something something
## Background
# Proposal
A user with multiple devices will have a different key for end-to-end
encryption for each device. Other users who want to communicate securely with
this user must then verify each key on each of their devices. If Alice has *n*
devices, and Bob has *m* devices, then for Alice to be able to communicate with
Bob on any of their devices, this involves *n×m* key verifications.
One way to addresss this is for each user to use a "master key" for their
identity which signs all of their devices. Thus another user who wishes to
verify their identity only needs to verify their master, key and can use the
master key to verify their devices.
[MSC1680](https://github.com/matrix-org/matrix-doc/issues/1680) presents a
different solution to the problem.
## Proposal
Each user has a "master identity key" that is used to sign their devices, and
is signed by all of their devices. When one user (Alice) verifies another
@ -38,9 +52,9 @@ Users will only be allowed to see signatures made by their own master identity
key, or signatures made by other users' master identity keys on their own
devices.
# API description
### API description
## Possible API 1
#### Possible API 1
Use the same API as MSC1680, but with additions.
@ -93,7 +107,7 @@ require creating a new backup version, which may be what users need to do
anyways). Or the private master key could be stored in account data,
e.g. `/user/{userId}/account_data/m.master.{deviceId}`.
## Possible API 2
#### Possible API 2
Treat master key separately from normal devices and adding special handling for
them. This might result in a nicer API, but make the implementation more
@ -103,7 +117,7 @@ attestations separately.
TODO: write this option out
# Comparison with MSC1680
## Comparison with MSC1680
MSC1680 suffers from the fact that the attestation graph may be arbitrarily
complex and may become ambiguous how the graph should be interpreted. In
@ -144,6 +158,8 @@ In contrast, with this proposal, there is a clear way to rebuild the
attestation graph: create a new master identity key, and re-verify all devices
with it.
# Conclusion
## Security considerations
## Conclusion
This proposal presents an alternative cross-signing mechanism to MSC1680.

Loading…
Cancel
Save