48e8c55138
Merge branch 'master' into babolivier/standardised-federation-response-format
5 years ago
620e5dd74d
Merge branch 'babolivier/standardised-federation-response-format' of github.com:matrix-org/matrix-doc into babolivier/standardised-federation-response-format
5 years ago
cb2b71c0be
Remove /send + rename
5 years ago
fc26230007
Update proposals/1802-standardised-federation-response-format.md
...
Co-Authored-By: Matthew Hodgson <matthew@matrix.org>
5 years ago
185c564a13
Spec client-server IS unbind API
...
As per [MSC2140](https://github.com/matrix-org/matrix-doc/pull/2140 )
Note: this modifies the endpoint in MSC2140 to be more in line with the remainder of the proposal.
5 years ago
2d784d93ef
Merge branch 'master' into travis/spec/is-auth
5 years ago
675cabc33d
Merge pull request #2263 from matrix-org/travis/msc/id-server-optional
...
MSC2263: Give homeservers the ability to handle their own 3PID registrations/password resets
5 years ago
520c76a1cb
Spell out that the proposal also concerns homeservers
5 years ago
997360995c
Wording
...
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
5 years ago
bddadfeb18
Typo
...
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
5 years ago
552f71a9f9
Wording
...
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
5 years ago
524ec52f73
Wording
...
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
5 years ago
b2ce6f87bc
Merge branch 'master' into mass_redactions
5 years ago
7ba4564ac3
Remove soft fail auth rule option
...
Signed-off-by: Tulir Asokan <tulir@maunium.net>
5 years ago
a805d2b779
oops, premature merge
5 years ago
6d71a41e22
Proposal for ignoring invites
5 years ago
e6f85cacff
Specify that "existing auth rules" means room v5
5 years ago
b36fe24f1b
Let's not doubly remove things
5 years ago
60354f8cf9
MSC number
5 years ago
d1efd488b7
Proposal for mandating lowercasing when processing e-mail address localparts
5 years ago
f8780e2395
add note about edit
5 years ago
1a6eb9a413
Update proposals/2263-homeserver-pw-resets.md
...
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
5 years ago
6d5e90b1d6
Apply suggestions from code review
...
Co-Authored-By: Matthew Hodgson <matthew@matrix.org>
5 years ago
16bb3bd8b5
Add an unstable feature flag to MSC2140 for clients to detect support
5 years ago
4e43024039
Assign number
5 years ago
1d6501b6ec
What if we allowed homeservers to deal with their own business?
5 years ago
c909a7c423
Move omitting redacted_because into proposal and add security consideration
...
Signed-off-by: Tulir Asokan <tulir@maunium.net>
5 years ago
ef5d3b9f30
Correct token reference in MSC2140
5 years ago
79a5663ec3
Fix typos, inline links and move image into tree
...
Signed-off-by: Tulir Asokan <tulir@maunium.net>
5 years ago
238b78bbaf
Add potential issue with redacted_because field
...
Signed-off-by: Tulir Asokan <tulir@maunium.net>
5 years ago
cd75d0f220
Fix authenticity/authorization terminology
...
Co-authored-by: Kitsune Ral <Kitsune-Ral@users.sf.net>
Signed-off-by: Tulir Asokan <tulir@maunium.net>
5 years ago
984e0af7b2
Re-word auth rule section on handling each target separately
...
Co-authored-by: Jason Volk <jason@zemos.net>
Signed-off-by: Tulir Asokan <tulir@maunium.net>
Signed-off-by: Jason Volk <jason@zemos.net>
5 years ago
03ae5614b0
remove unnecessary space
5 years ago
e1b0042e7b
clarifications, minor fixes, formatting
5 years ago
9aade7291a
make it agree with what we actually did with key requests
5 years ago
cafe49d36d
some clarifications
5 years ago
356350de91
Merge pull request #2140 from matrix-org/dbkr/tos_2
...
MSC2140: Terms of Service for ISes and IMs
5 years ago
7a36016cbb
Merge pull request #2230 from matrix-org/dbkr/is_in_account_data
...
MSC2230: Store Identity Server in Account Data
5 years ago
0265817c56
Merge pull request #1957 from matrix-org/travis/msc/integrations/discovery
...
MSC1957: Integration manager discovery
5 years ago
4e2fe124d2
wording fixes/clarifications
5 years ago
4ad9bf7059
Merge pull request #1961 from matrix-org/travis/msc/integrations/auth
...
MSC1961: Integration manager authentication APIs
5 years ago
ec38013daa
Proposal to allow multiple targets for one redaction event
...
Signed-off-by: Tulir Asokan <tulir@maunium.net>
5 years ago
b0f873785d
Proposal for room version 6
5 years ago
b6f0e8e8ed
Clarify that the query string is because they are widgets
5 years ago
8b85fda52c
Add a link to the widget MSC to try and stem questions
5 years ago
4ea8f645d6
is_token -> id_access_token and add invite to proxy list
5 years ago
8ca50eaf9f
Merge pull request #2010 from Sorunome/soru/spoilers
...
MSC2010: Add client-side spoilers
5 years ago
8bd9d7caeb
Add full stop
...
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
5 years ago
69315417b5
Typo
...
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
5 years ago
4073d940da
Typo
...
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
5 years ago
1f8cfd5729
Update migration mechanism
5 years ago
53a2ffb12a
Merge pull request #2197 from reivilibre/rei/msc_filter_over_fed
...
MSC2197: Search Filtering in Federation /publicRooms
5 years ago
788796e1c6
Multiple clarifications
5 years ago
9b2ca3cdfe
typoes / clarifications
...
Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
5 years ago
9e073e9647
Speeeeeeling
...
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
5 years ago
997c5466a8
MSC2229: Allowing 3PID Owners to Rebind ( #2229 )
5 years ago
6d0067320c
clarify error proxying
5 years ago
12377fbf50
/account/logout not /logout
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
5 years ago
e4bdc283fd
Apply suggestions from code review
...
Typos / spelling
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
5 years ago
76f9196ff3
Address @richvdh's comments
5 years ago
865d3da0f8
General clarity improvements
5 years ago
22c9692684
Disclose origin story better
5 years ago
475c64de8c
Disclose origin story
5 years ago
4059661c29
Update proposals/2229-rebind-existing-3pid.md
...
Co-Authored-By: Kitsune Ral <Kitsune-Ral@users.sf.net>
5 years ago
4219e272ec
Drop the hard SHOULD
...
Adopts @turt2live's phrasing
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
5 years ago
7e85b9d56a
Acknowledge other potential error responses for fallback
...
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
5 years ago
97f856d706
Domain name is potentially personally-identifying
...
Thanks to @turt2live
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
5 years ago
b9b984ae60
clarify
5 years ago
229cb67b01
Apply suggestions from code review
...
Use fewer formal MUST etc in proposal
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
7758e0701c
Remove homeserver warning
5 years ago
2c8d112089
assign number
5 years ago
2e2a74a235
Merge branch 'anoa/rebind_3pids' of github.com:matrix-org/matrix-doc into anoa/rebind_3pids
5 years ago
2547cc443c
backticks
5 years ago
01fc54faae
Update proposals/2229-rebind-existing-3pid.md
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
5b1ea4ffcb
Update proposals/2229-rebind-existing-3pid.md
...
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
5 years ago
cb1e3b8373
Take into account the 1 is case
5 years ago
f313b49c26
Add bind def.
5 years ago
be77b5823c
fix up
5 years ago
6ed0ae36ba
rename msc #
5 years ago
ed4d805d2f
flesh out
5 years ago
6330fff5a4
Draft for IS URL in account data
5 years ago
783fd78a6f
wip
5 years ago
353b6cd198
clarification
5 years ago
7ed5367516
clarifications, fix formatting
5 years ago
60cbc4567b
Addresses some of Andrew's comments
...
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
5 years ago
a171d5f6fd
Check for a state_key on the tombstone push rule
...
This is an oversight from the proposal.
5 years ago
3087c76452
Merge pull request #2134 from matrix-org/hs/hash-identity
...
MSC2134: Identity Hash Lookups
5 years ago
493bb062af
MSC2197: update with privacy perspective
...
Includes recommendations for client developers.
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
5 years ago
a71757f1ee
Merge pull request #2174 from matrix-org/rav/proposals/move_redacts_key
...
MSC2174: Move the `redacts` key to a sane place
5 years ago
25e3602bbe
3rd draft of MSC2209
5 years ago
3edf5e3c16
Make hashes real values
5 years ago
42dbeee7d3
MSC2209: 2nd draft @uhoregs changes
5 years ago
ec37fe4427
first draft of MSC2209
5 years ago
96e06b6f5f
Add line, britishise
5 years ago
3877724774
fix speeling
5 years ago
c401a4d47b
punctuation
5 years ago
acf8d34474
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
5 years ago
3789d828fd
Incorporate solution analysis from the context of attacks
5 years ago
36e43ee326
Rewrap lines in MSC2917 to 80 chars wide
...
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
5 years ago
80adbaff4c
switch to MSC1946 for storing recovery key
5 years ago
825757ffd8
add information about verifying backup by entering key
5 years ago
bd9efcdf53
add some information and an example
5 years ago
d47e13c6d9
this FIXME will be addressed in the key backup MSC
5 years ago
395d40314b
fix typos and make valid JSON
5 years ago
f989263872
MSC2181: Add an Error Code for Signaling a Deactivated User ( #2181 )
5 years ago
0c7c48bd12
MSC2175: Remove the `creator` field from `m.room.create` events ( #2175 )
...
Fixes #1193
5 years ago
33d22c3320
hashes are not stream ciphers
5 years ago
9913f5bc29
Slightly clarify pepper value
5 years ago
57de107ea9
Move medium back behind the address
5 years ago
f1f293678b
Apply suggestions from code review
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
Co-Authored-By: Kitsune Ral <Kitsune-Ral@users.sf.net>
5 years ago
4c22eb86b5
MSC for Search Filtering in Federation /publicRooms
...
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
5 years ago
c8527b7af8
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
5 years ago
4d1f2ea4f4
Apply suggestions from code review
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
5 years ago
6660768d85
Don't repeat fast hash bit
5 years ago
027c2d7260
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
5 years ago
a17c74f592
switch medium and address around, space between address and pepper
5 years ago
5580a2a1a9
Update proposals/2134-identity-hash-lookup.md
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
5 years ago
ffbfde8a09
Update proposals/2134-identity-hash-lookup.md
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
5 years ago
87a54e8d8d
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
5 years ago
6119b9a50d
*@hobnobbob.com is unlikely to be guessed
5 years ago
20c72a3649
Update proposals/2134-identity-hash-lookup.md
...
Co-Authored-By: David Baker <dbkr@users.noreply.github.com>
5 years ago
0ac70b268a
Clarify peppering should not happen on none algo
5 years ago
da876bb340
missing word
5 years ago
c6dd5951a1
Clients can cache the hash details if they want to
5 years ago
8f3e588708
pepper is not a secret val. Still needs to be around.
5 years ago
3b8c57e06c
Don't require servers/clients to support "none"
5 years ago
3031df79cc
Add example for none algo
5 years ago
9fd6bd3184
Add details about why this proposal should exist
5 years ago
b26a9ed1fd
Expand on why we can't trust dirty homeservers
5 years ago
577021f12b
resolve some comments
5 years ago
9e264fedc9
Updates
...
* preserve *all* of `create`
* don't preserve `notifications` or `algorithm`, and add some justifcation.
5 years ago
887cd5e7d0
I really hope someone doesn't invest none-hash
5 years ago
0444c8016b
review comments
5 years ago
4503327450
Add some compatibility hacks.
5 years ago
d324cac847
preserve powerlevel
5 years ago
b49a950245
Update proposals/2176-update-redaction-rules.md
...
fix typo
Co-Authored-By: Kitsune Ral <Kitsune-Ral@users.sf.net>
5 years ago
9ebcff5758
fix typo, add section on html details element
5 years ago
36cb8ed894
none -> m.none
5 years ago
1f786ae6dc
commit image into repo, fix typo
5 years ago
d9269b084f
Exclude pubkey endpoints from auth
5 years ago
a1de6ff634
Hopefully clarify some bits
5 years ago
cd5549d483
Proposal to update the redaction algorithm
5 years ago
b09d48a9f7
Spec link
5 years ago
78d46b2890
Proposal to move the `redacts` key to a sane place
5 years ago
25a47afa32
unnecessary capital mk. 2
...
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
5 years ago
6e061b1baf
unnecessary capital
...
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
5 years ago
f474b31f5f
typo
...
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
5 years ago
3514437d24
Ability for client/server to decide on no hashing
5 years ago
9bb6ad80d1
typo
5 years ago
ed67e26037
pepper must not be an empty string, append medium
5 years ago
1963a24832
fix attacks paragraph
5 years ago
dd8a6549c9
Address review comments
5 years ago
701d340da1
Remove exception for request/submitToken
5 years ago
bf8a1e5d5f
Add way to get the HS to bind/unbind existing 3pids
5 years ago
3702669424
update from comments
5 years ago
30dcc28f9b
try & clarify that HS signature isn't the only acceptable auth for unbind
5 years ago
f4a1e02884
simple method once more
5 years ago
4d31ddc8c9
additions and clarifications
...
- indicate how to use MSC 1946 to store/share private keys
- add signing by devices to enable migrating from device verifications
- add information about signature upload failures and M_INVALID_SIGNATURE code
- add security consideration
5 years ago
53bd384f2e
Clarify salting
5 years ago
3aaf181db2
rename some things and add clarification
5 years ago
1a669348d8
http status code
5 years ago
d15c9df115
fullstop
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
e28f7aad72
slash
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
4c72c37b80
slash
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
10858bf83b
set account data after registration
5 years ago
79dbad2914
remove acceptance token mention
5 years ago
ac6b9bdb7c
s/deprecate/remove/
5 years ago
7f65364804
Typo
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
03e6ab0103
re-word double openid
5 years ago
d00dfb7822
exclude submittoken too
5 years ago
f02e4c2e9c
both registers are excluded from auth
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
5374030cc0
Drop application/x-form-www-urlencoded in v2
5 years ago
2d11217d4e
Typo
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
8af35be13f
Typo
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
922a20ba26
small fixes
5 years ago
6f81d3774b
New hashing method
5 years ago
fe14d3c9f0
Spec terms response
5 years ago
786d5bc281
rewrite UI auth tradeoffs
5 years ago
45d630951c
back to M_TERMS_NOT_SIGNED
5 years ago
83bb3861ba
line wrap
5 years ago
8897ea4bb1
Merge branch 'master' into travis/msc/integrations/discovery
5 years ago
a2a7b7ff13
Merge branch 'master' into travis/msc/integrations/auth
5 years ago
bfd8e52c23
Formatting
5 years ago
d8283b9cdf
Add option to use query string
5 years ago
e80753e56c
Add .well-known discovery
5 years ago
4be283ccb3
Typing
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
f95197b422
make the many-anded sentence a list
5 years ago
10a6a59a12
Deprecate `bind_email` / `bind_msisdn`
5 years ago
b5326de1c4
Exclude requestToken endpoints from auth requirement
5 years ago
540aab82a1
accidentally formatted the wrong entry
5 years ago
6260871a21
spoiler fallback to uploaded media
5 years ago
21b9eaf8de
No custom HTTP headers
...
Use the obvious way: in the same place as the ID server address
5 years ago
2694bb1090
Add really horrible custom HTTP header
...
for giving the IS token to the HS
5 years ago
58cf083a6a
backwards compat
5 years ago
6273868323
Clarify v1 API deprecation
5 years ago
4edf826c93
Capitalise on our identifiers
5 years ago
ba7047ce77
Clarify we must be accepting HS auth
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
1d75828c71
Clarify what to do if no (new) docs
5 years ago
af691b5a8a
Clarify this applies to 2134
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
57094276ce
Typing hard is
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
7549c5dd76
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
5 years ago
0fd4fe2542
Add algo/pepper to err resp
5 years ago
dfb37fcce1
update with feedback
5 years ago
df88b13ce1
Update proposals/2134-identity-hash-lookup.md
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
5 years ago
9e0d8b9cb2
Use M_CONSENT_NOT_GIVEN
...
No idea where I got the other one from: we already have one in the
spec, so use it.
5 years ago
0dae2d5812
GET terms must be unauthed.
...
Detail process for new auth (don't register until consent given).
Specifically mention the authentication header.
5 years ago
4f83cc1c24
moved client spoiler conversion to potential issues
5 years ago
6f374dc981
Re-write for OpenID auth
5 years ago
2c09580e27
line wrap
5 years ago
96e43aaf45
Define what characters lookup_pepper can consist of
5 years ago
f951f312e1
Fix terrible wording
5 years ago
fae6883cc0
Update with review comments
5 years ago
0a4c83ddb9
no plural. 3pid -> 3PID
5 years ago
36a35a33cc
Clarify how the spec defines hashing algs
5 years ago
ee10576d60
Update with feedback
5 years ago
abb407145a
HS docs must be added too
...
also, unbind must not error when called by HSes and proxy terms token
5 years ago
8ae47557c9
s/Third Party/Accepted/
5 years ago
2555801458
m.third_party_terms -> m.accepted_terms
...
as it will have the HS's terms too
5 years ago
4ba9b2a599
perfix
5 years ago
a63e4420eb
Linkify
...
Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
5 years ago
02ac0f3b33
Give the user control!
5 years ago
acdb2b1b42
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
5 years ago
e3ff80291f
http err codes and hash wording fixes
5 years ago
21e93a123e
Naming and capitalization
5 years ago
53f025edfc
Specify optional pepper rotation period
5 years ago
2383a55720
404 for deprecated endpoint
5 years ago
c63edc7b97
Clean up wording around peppers and hashes
5 years ago
e3b2ad38b5
pepper -> lookup_pepper
5 years ago
1fea604ba9
Don't define error message
5 years ago
9ca3ccc81c
Add requirments section for de-duping between services.
5 years ago
d4ca0c237a
Specify ID grammar and add comma
5 years ago
276e2b6843
Typo
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
cf48030d1f
One more tradeoff
5 years ago
32c7fc638d
you have a number now
5 years ago
23af87e9fc
Proposal for IS & IM TOS API
5 years ago
1343e19a6d
Specify hash algorithm and fallback considerations
5 years ago
f28476f0f3
line wrap and fix wording
5 years ago
3ee27d3818
salt->pepper. 1 pepper/is. add multi-hash idea
5 years ago
f41ed02c9e
remove sec concerns
5 years ago
6bb4a9e911
Add per-is salt consideration
5 years ago
5049e552e7
Drop /api from the new endpoint
5 years ago
bc9b6c3659
Add salt to example and signal link
5 years ago
063b9f60e0
Require a salt to defend against rainbow tables
5 years ago
d2b47a585d
Allow for changing the hashing algo and add at-rest details
5 years ago
f8dbf2b360
Update proposals/2134-identity-hash-lookup.md
...
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
5 years ago
12431f1a4e
Base64 potential issue
6 years ago
8b92df74ab
s/medium/address
6 years ago
a8c26d208b
Wrap
6 years ago
3eff76b00a
MSC 2134
6 years ago
26349417ba
update spoiler render idea
6 years ago
Brendan Abolivier