Andrew Morgan
|
783fd78a6f
|
wip
|
5 years ago |
Richard van der Hoff
|
353b6cd198
|
clarification
|
5 years ago |
Hubert Chathi
|
7ed5367516
|
clarifications, fix formatting
|
5 years ago |
Olivier Wilkinson (reivilibre)
|
60cbc4567b
|
Addresses some of Andrew's comments
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
|
5 years ago |
Travis Ralston
|
a171d5f6fd
|
Check for a state_key on the tombstone push rule
This is an oversight from the proposal.
|
5 years ago |
Travis Ralston
|
3087c76452
|
Merge pull request #2134 from matrix-org/hs/hash-identity
MSC2134: Identity Hash Lookups
|
5 years ago |
Olivier Wilkinson (reivilibre)
|
493bb062af
|
MSC2197: update with privacy perspective
Includes recommendations for client developers.
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
|
5 years ago |
Travis Ralston
|
a71757f1ee
|
Merge pull request #2174 from matrix-org/rav/proposals/move_redacts_key
MSC2174: Move the `redacts` key to a sane place
|
5 years ago |
Andrew Morgan
|
3edf5e3c16
|
Make hashes real values
|
5 years ago |
Andrew Morgan
|
96e06b6f5f
|
Add line, britishise
|
5 years ago |
Andrew Morgan
|
3877724774
|
fix speeling
|
5 years ago |
Andrew Morgan
|
c401a4d47b
|
punctuation
|
5 years ago |
Andrew Morgan
|
acf8d34474
|
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
|
5 years ago |
Andrew Morgan
|
3789d828fd
|
Incorporate solution analysis from the context of attacks
|
5 years ago |
Olivier Wilkinson (reivilibre)
|
36e43ee326
|
Rewrap lines in MSC2917 to 80 chars wide
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
|
5 years ago |
Hubert Chathi
|
80adbaff4c
|
switch to MSC1946 for storing recovery key
|
5 years ago |
Hubert Chathi
|
825757ffd8
|
add information about verifying backup by entering key
|
5 years ago |
Andrew Morgan
|
f989263872
|
MSC2181: Add an Error Code for Signaling a Deactivated User (#2181)
|
5 years ago |
Richard van der Hoff
|
0c7c48bd12
|
MSC2175: Remove the `creator` field from `m.room.create` events (#2175)
Fixes #1193
|
5 years ago |
Andrew Morgan
|
33d22c3320
|
hashes are not stream ciphers
|
5 years ago |
Andrew Morgan
|
9913f5bc29
|
Slightly clarify pepper value
|
5 years ago |
Andrew Morgan
|
57de107ea9
|
Move medium back behind the address
|
5 years ago |
Richard van der Hoff
|
f1f293678b
|
Apply suggestions from code review
Co-Authored-By: Travis Ralston <travpc@gmail.com>
Co-Authored-By: Kitsune Ral <Kitsune-Ral@users.sf.net>
|
5 years ago |
Olivier Wilkinson (reivilibre)
|
4c22eb86b5
|
MSC for Search Filtering in Federation /publicRooms
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
|
5 years ago |
Andrew Morgan
|
c8527b7af8
|
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
|
5 years ago |
Andrew Morgan
|
4d1f2ea4f4
|
Apply suggestions from code review
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
|
5 years ago |
Andrew Morgan
|
6660768d85
|
Don't repeat fast hash bit
|
5 years ago |
Andrew Morgan
|
027c2d7260
|
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
|
5 years ago |
Andrew Morgan
|
a17c74f592
|
switch medium and address around, space between address and pepper
|
5 years ago |
Andrew Morgan
|
5580a2a1a9
|
Update proposals/2134-identity-hash-lookup.md
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
|
5 years ago |
Andrew Morgan
|
ffbfde8a09
|
Update proposals/2134-identity-hash-lookup.md
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
|
5 years ago |
Andrew Morgan
|
87a54e8d8d
|
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
|
5 years ago |
Andrew Morgan
|
6119b9a50d
|
*@hobnobbob.com is unlikely to be guessed
|
5 years ago |
Andrew Morgan
|
20c72a3649
|
Update proposals/2134-identity-hash-lookup.md
Co-Authored-By: David Baker <dbkr@users.noreply.github.com>
|
5 years ago |
Andrew Morgan
|
0ac70b268a
|
Clarify peppering should not happen on none algo
|
5 years ago |
Andrew Morgan
|
da876bb340
|
missing word
|
5 years ago |
Andrew Morgan
|
c6dd5951a1
|
Clients can cache the hash details if they want to
|
5 years ago |
Andrew Morgan
|
8f3e588708
|
pepper is not a secret val. Still needs to be around.
|
5 years ago |
Andrew Morgan
|
3b8c57e06c
|
Don't require servers/clients to support "none"
|
5 years ago |
Andrew Morgan
|
3031df79cc
|
Add example for none algo
|
5 years ago |
Andrew Morgan
|
9fd6bd3184
|
Add details about why this proposal should exist
|
5 years ago |
Andrew Morgan
|
b26a9ed1fd
|
Expand on why we can't trust dirty homeservers
|
5 years ago |
Andrew Morgan
|
577021f12b
|
resolve some comments
|
5 years ago |
Richard van der Hoff
|
9e264fedc9
|
Updates
* preserve *all* of `create`
* don't preserve `notifications` or `algorithm`, and add some justifcation.
|
5 years ago |
Andrew Morgan
|
887cd5e7d0
|
I really hope someone doesn't invest none-hash
|
5 years ago |
Andrew Morgan
|
0444c8016b
|
review comments
|
5 years ago |
Richard van der Hoff
|
4503327450
|
Add some compatibility hacks.
|
5 years ago |
Richard van der Hoff
|
d324cac847
|
preserve powerlevel
|
5 years ago |
Richard van der Hoff
|
b49a950245
|
Update proposals/2176-update-redaction-rules.md
fix typo
Co-Authored-By: Kitsune Ral <Kitsune-Ral@users.sf.net>
|
5 years ago |
Sorunome
|
9ebcff5758
|
fix typo, add section on html details element
|
5 years ago |
Andrew Morgan
|
36cb8ed894
|
none -> m.none
|
5 years ago |
Sorunome
|
1f786ae6dc
|
commit image into repo, fix typo
|
5 years ago |
David Baker
|
d9269b084f
|
Exclude pubkey endpoints from auth
|
5 years ago |
David Baker
|
a1de6ff634
|
Hopefully clarify some bits
|
5 years ago |
Richard van der Hoff
|
cd5549d483
|
Proposal to update the redaction algorithm
|
5 years ago |
Richard van der Hoff
|
b09d48a9f7
|
Spec link
|
5 years ago |
Richard van der Hoff
|
78d46b2890
|
Proposal to move the `redacts` key to a sane place
|
5 years ago |
David Baker
|
25a47afa32
|
unnecessary capital mk. 2
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
|
5 years ago |
David Baker
|
6e061b1baf
|
unnecessary capital
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
|
5 years ago |
David Baker
|
f474b31f5f
|
typo
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
|
5 years ago |
Andrew Morgan
|
3514437d24
|
Ability for client/server to decide on no hashing
|
5 years ago |
David Baker
|
9bb6ad80d1
|
typo
|
5 years ago |
Andrew Morgan
|
ed67e26037
|
pepper must not be an empty string, append medium
|
5 years ago |
Andrew Morgan
|
1963a24832
|
fix attacks paragraph
|
5 years ago |
Andrew Morgan
|
dd8a6549c9
|
Address review comments
|
5 years ago |
David Baker
|
701d340da1
|
Remove exception for request/submitToken
|
5 years ago |
David Baker
|
bf8a1e5d5f
|
Add way to get the HS to bind/unbind existing 3pids
|
5 years ago |
Andrew Morgan
|
3702669424
|
update from comments
|
5 years ago |
David Baker
|
30dcc28f9b
|
try & clarify that HS signature isn't the only acceptable auth for unbind
|
5 years ago |
Andrew Morgan
|
f4a1e02884
|
simple method once more
|
5 years ago |
Andrew Morgan
|
53bd384f2e
|
Clarify salting
|
5 years ago |
David Baker
|
1a669348d8
|
http status code
|
5 years ago |
David Baker
|
d15c9df115
|
fullstop
Co-Authored-By: Travis Ralston <travpc@gmail.com>
|
5 years ago |
David Baker
|
e28f7aad72
|
slash
Co-Authored-By: Travis Ralston <travpc@gmail.com>
|
5 years ago |
David Baker
|
4c72c37b80
|
slash
Co-Authored-By: Travis Ralston <travpc@gmail.com>
|
5 years ago |
David Baker
|
10858bf83b
|
set account data after registration
|
5 years ago |
David Baker
|
79dbad2914
|
remove acceptance token mention
|
5 years ago |
David Baker
|
ac6b9bdb7c
|
s/deprecate/remove/
|
5 years ago |
David Baker
|
7f65364804
|
Typo
Co-Authored-By: Travis Ralston <travpc@gmail.com>
|
5 years ago |
David Baker
|
03e6ab0103
|
re-word double openid
|
5 years ago |
David Baker
|
d00dfb7822
|
exclude submittoken too
|
5 years ago |
David Baker
|
f02e4c2e9c
|
both registers are excluded from auth
Co-Authored-By: Travis Ralston <travpc@gmail.com>
|
5 years ago |
David Baker
|
5374030cc0
|
Drop application/x-form-www-urlencoded in v2
|
5 years ago |
David Baker
|
2d11217d4e
|
Typo
Co-Authored-By: Travis Ralston <travpc@gmail.com>
|
5 years ago |
David Baker
|
8af35be13f
|
Typo
Co-Authored-By: Travis Ralston <travpc@gmail.com>
|
5 years ago |
Andrew Morgan
|
922a20ba26
|
small fixes
|
5 years ago |
Andrew Morgan
|
6f81d3774b
|
New hashing method
|
5 years ago |
David Baker
|
fe14d3c9f0
|
Spec terms response
|
6 years ago |
David Baker
|
786d5bc281
|
rewrite UI auth tradeoffs
|
6 years ago |
David Baker
|
45d630951c
|
back to M_TERMS_NOT_SIGNED
|
6 years ago |
David Baker
|
83bb3861ba
|
line wrap
|
6 years ago |
Travis Ralston
|
8897ea4bb1
|
Merge branch 'master' into travis/msc/integrations/discovery
|
6 years ago |
Travis Ralston
|
a2a7b7ff13
|
Merge branch 'master' into travis/msc/integrations/auth
|
6 years ago |
Travis Ralston
|
bfd8e52c23
|
Formatting
|
6 years ago |
Travis Ralston
|
d8283b9cdf
|
Add option to use query string
|
6 years ago |
Travis Ralston
|
e80753e56c
|
Add .well-known discovery
|
6 years ago |
David Baker
|
4be283ccb3
|
Typing
Co-Authored-By: Travis Ralston <travpc@gmail.com>
|
6 years ago |
David Baker
|
f95197b422
|
make the many-anded sentence a list
|
6 years ago |
David Baker
|
10a6a59a12
|
Deprecate `bind_email` / `bind_msisdn`
|
6 years ago |
David Baker
|
b5326de1c4
|
Exclude requestToken endpoints from auth requirement
|
6 years ago |
Sorunome
|
540aab82a1
|
accidentally formatted the wrong entry
|
6 years ago |
Sorunome
|
6260871a21
|
spoiler fallback to uploaded media
|
6 years ago |
David Baker
|
21b9eaf8de
|
No custom HTTP headers
Use the obvious way: in the same place as the ID server address
|
6 years ago |
David Baker
|
2694bb1090
|
Add really horrible custom HTTP header
for giving the IS token to the HS
|
6 years ago |
David Baker
|
58cf083a6a
|
backwards compat
|
6 years ago |
David Baker
|
6273868323
|
Clarify v1 API deprecation
|
6 years ago |
David Baker
|
4edf826c93
|
Capitalise on our identifiers
|
6 years ago |
David Baker
|
ba7047ce77
|
Clarify we must be accepting HS auth
Co-Authored-By: Travis Ralston <travpc@gmail.com>
|
6 years ago |
David Baker
|
1d75828c71
|
Clarify what to do if no (new) docs
|
6 years ago |
David Baker
|
af691b5a8a
|
Clarify this applies to 2134
Co-Authored-By: Travis Ralston <travpc@gmail.com>
|
6 years ago |
David Baker
|
57094276ce
|
Typing hard is
Co-Authored-By: Travis Ralston <travpc@gmail.com>
|
6 years ago |
Andrew Morgan
|
7549c5dd76
|
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
|
6 years ago |
Andrew Morgan
|
0fd4fe2542
|
Add algo/pepper to err resp
|
6 years ago |
Andrew Morgan
|
dfb37fcce1
|
update with feedback
|
6 years ago |
Andrew Morgan
|
df88b13ce1
|
Update proposals/2134-identity-hash-lookup.md
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
|
6 years ago |
David Baker
|
9e0d8b9cb2
|
Use M_CONSENT_NOT_GIVEN
No idea where I got the other one from: we already have one in the
spec, so use it.
|
6 years ago |
David Baker
|
0dae2d5812
|
GET terms must be unauthed.
Detail process for new auth (don't register until consent given).
Specifically mention the authentication header.
|
6 years ago |
Sorunome
|
4f83cc1c24
|
moved client spoiler conversion to potential issues
|
6 years ago |
David Baker
|
6f374dc981
|
Re-write for OpenID auth
|
6 years ago |
David Baker
|
2c09580e27
|
line wrap
|
6 years ago |
Andrew Morgan
|
96e43aaf45
|
Define what characters lookup_pepper can consist of
|
6 years ago |
Andrew Morgan
|
f951f312e1
|
Fix terrible wording
|
6 years ago |
Andrew Morgan
|
fae6883cc0
|
Update with review comments
|
6 years ago |
Andrew Morgan
|
0a4c83ddb9
|
no plural. 3pid -> 3PID
|
6 years ago |
Andrew Morgan
|
36a35a33cc
|
Clarify how the spec defines hashing algs
|
6 years ago |
Andrew Morgan
|
ee10576d60
|
Update with feedback
|
6 years ago |
David Baker
|
abb407145a
|
HS docs must be added too
also, unbind must not error when called by HSes and proxy terms token
|
6 years ago |
David Baker
|
8ae47557c9
|
s/Third Party/Accepted/
|
6 years ago |
David Baker
|
2555801458
|
m.third_party_terms -> m.accepted_terms
as it will have the HS's terms too
|
6 years ago |
David Baker
|
4ba9b2a599
|
perfix
|
6 years ago |
David Baker
|
a63e4420eb
|
Linkify
Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
|
6 years ago |
Andrew Morgan
|
02ac0f3b33
|
Give the user control!
|
6 years ago |
Andrew Morgan
|
acdb2b1b42
|
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
|
6 years ago |
Andrew Morgan
|
e3ff80291f
|
http err codes and hash wording fixes
|
6 years ago |
Travis Ralston
|
21e93a123e
|
Naming and capitalization
|
6 years ago |
Andrew Morgan
|
53f025edfc
|
Specify optional pepper rotation period
|
6 years ago |
Andrew Morgan
|
2383a55720
|
404 for deprecated endpoint
|
6 years ago |
Andrew Morgan
|
c63edc7b97
|
Clean up wording around peppers and hashes
|
6 years ago |
Andrew Morgan
|
e3b2ad38b5
|
pepper -> lookup_pepper
|
6 years ago |
Andrew Morgan
|
1fea604ba9
|
Don't define error message
|
6 years ago |
David Baker
|
9ca3ccc81c
|
Add requirments section for de-duping between services.
|
6 years ago |
David Baker
|
d4ca0c237a
|
Specify ID grammar and add comma
|
6 years ago |
David Baker
|
276e2b6843
|
Typo
Co-Authored-By: Travis Ralston <travpc@gmail.com>
|
6 years ago |
David Baker
|
cf48030d1f
|
One more tradeoff
|
6 years ago |
David Baker
|
32c7fc638d
|
you have a number now
|
6 years ago |
David Baker
|
23af87e9fc
|
Proposal for IS & IM TOS API
|
6 years ago |
Andrew Morgan
|
1343e19a6d
|
Specify hash algorithm and fallback considerations
|
6 years ago |
Andrew Morgan
|
f28476f0f3
|
line wrap and fix wording
|
6 years ago |
Andrew Morgan
|
3ee27d3818
|
salt->pepper. 1 pepper/is. add multi-hash idea
|
6 years ago |
Andrew Morgan
|
f41ed02c9e
|
remove sec concerns
|
6 years ago |