Travis Ralston
185c564a13
Spec client-server IS unbind API
...
As per [MSC2140](https://github.com/matrix-org/matrix-doc/pull/2140 )
Note: this modifies the endpoint in MSC2140 to be more in line with the remainder of the proposal.
5 years ago
Travis Ralston
2d784d93ef
Merge branch 'master' into travis/spec/is-auth
5 years ago
Travis Ralston
675cabc33d
Merge pull request #2263 from matrix-org/travis/msc/id-server-optional
...
MSC2263: Give homeservers the ability to handle their own 3PID registrations/password resets
5 years ago
Tulir Asokan
b2ce6f87bc
Merge branch 'master' into mass_redactions
5 years ago
Tulir Asokan
7ba4564ac3
Remove soft fail auth rule option
...
Signed-off-by: Tulir Asokan <tulir@maunium.net>
5 years ago
Matthew Hodgson
a805d2b779
oops, premature merge
5 years ago
Matthew Hodgson
6d71a41e22
Proposal for ignoring invites
5 years ago
Tulir Asokan
e6f85cacff
Specify that "existing auth rules" means room v5
5 years ago
Travis Ralston
b36fe24f1b
Let's not doubly remove things
5 years ago
Travis Ralston
f8780e2395
add note about edit
5 years ago
Travis Ralston
1a6eb9a413
Update proposals/2263-homeserver-pw-resets.md
...
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
5 years ago
Travis Ralston
6d5e90b1d6
Apply suggestions from code review
...
Co-Authored-By: Matthew Hodgson <matthew@matrix.org>
5 years ago
Travis Ralston
16bb3bd8b5
Add an unstable feature flag to MSC2140 for clients to detect support
5 years ago
Travis Ralston
4e43024039
Assign number
5 years ago
Travis Ralston
1d6501b6ec
What if we allowed homeservers to deal with their own business?
5 years ago
Tulir Asokan
c909a7c423
Move omitting redacted_because into proposal and add security consideration
...
Signed-off-by: Tulir Asokan <tulir@maunium.net>
5 years ago
Travis Ralston
ef5d3b9f30
Correct token reference in MSC2140
5 years ago
Tulir Asokan
79a5663ec3
Fix typos, inline links and move image into tree
...
Signed-off-by: Tulir Asokan <tulir@maunium.net>
5 years ago
Tulir Asokan
238b78bbaf
Add potential issue with redacted_because field
...
Signed-off-by: Tulir Asokan <tulir@maunium.net>
5 years ago
Tulir Asokan
cd75d0f220
Fix authenticity/authorization terminology
...
Co-authored-by: Kitsune Ral <Kitsune-Ral@users.sf.net>
Signed-off-by: Tulir Asokan <tulir@maunium.net>
5 years ago
Tulir Asokan
984e0af7b2
Re-word auth rule section on handling each target separately
...
Co-authored-by: Jason Volk <jason@zemos.net>
Signed-off-by: Tulir Asokan <tulir@maunium.net>
Signed-off-by: Jason Volk <jason@zemos.net>
5 years ago
Hubert Chathi
03ae5614b0
remove unnecessary space
5 years ago
Hubert Chathi
e1b0042e7b
clarifications, minor fixes, formatting
5 years ago
Hubert Chathi
9aade7291a
make it agree with what we actually did with key requests
5 years ago
Hubert Chathi
cafe49d36d
some clarifications
5 years ago
Travis Ralston
356350de91
Merge pull request #2140 from matrix-org/dbkr/tos_2
...
MSC2140: Terms of Service for ISes and IMs
5 years ago
Travis Ralston
7a36016cbb
Merge pull request #2230 from matrix-org/dbkr/is_in_account_data
...
MSC2230: Store Identity Server in Account Data
5 years ago
Travis Ralston
0265817c56
Merge pull request #1957 from matrix-org/travis/msc/integrations/discovery
...
MSC1957: Integration manager discovery
5 years ago
Hubert Chathi
4e2fe124d2
wording fixes/clarifications
5 years ago
Travis Ralston
4ad9bf7059
Merge pull request #1961 from matrix-org/travis/msc/integrations/auth
...
MSC1961: Integration manager authentication APIs
5 years ago
Tulir Asokan
ec38013daa
Proposal to allow multiple targets for one redaction event
...
Signed-off-by: Tulir Asokan <tulir@maunium.net>
5 years ago
Travis Ralston
b0f873785d
Proposal for room version 6
5 years ago
Travis Ralston
b6f0e8e8ed
Clarify that the query string is because they are widgets
5 years ago
Travis Ralston
8b85fda52c
Add a link to the widget MSC to try and stem questions
5 years ago
David Baker
4ea8f645d6
is_token -> id_access_token and add invite to proxy list
5 years ago
Travis Ralston
8ca50eaf9f
Merge pull request #2010 from Sorunome/soru/spoilers
...
MSC2010: Add client-side spoilers
5 years ago
David Baker
8bd9d7caeb
Add full stop
...
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
5 years ago
David Baker
69315417b5
Typo
...
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
5 years ago
David Baker
4073d940da
Typo
...
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
5 years ago
David Baker
1f8cfd5729
Update migration mechanism
5 years ago
Travis Ralston
53a2ffb12a
Merge pull request #2197 from reivilibre/rei/msc_filter_over_fed
...
MSC2197: Search Filtering in Federation /publicRooms
5 years ago
Travis Ralston
788796e1c6
Multiple clarifications
5 years ago
David Baker
9b2ca3cdfe
typoes / clarifications
...
Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
5 years ago
Travis Ralston
9e073e9647
Speeeeeeling
...
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
5 years ago
Andrew Morgan
997c5466a8
MSC2229: Allowing 3PID Owners to Rebind ( #2229 )
5 years ago
David Baker
6d0067320c
clarify error proxying
5 years ago
David Baker
12377fbf50
/account/logout not /logout
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
5 years ago
David Baker
e4bdc283fd
Apply suggestions from code review
...
Typos / spelling
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
5 years ago
Olivier Wilkinson (reivilibre)
76f9196ff3
Address @richvdh's comments
5 years ago
Travis Ralston
865d3da0f8
General clarity improvements
5 years ago
Travis Ralston
22c9692684
Disclose origin story better
5 years ago
Travis Ralston
475c64de8c
Disclose origin story
5 years ago
Andrew Morgan
4059661c29
Update proposals/2229-rebind-existing-3pid.md
...
Co-Authored-By: Kitsune Ral <Kitsune-Ral@users.sf.net>
5 years ago
Olivier Wilkinson (reivilibre)
4219e272ec
Drop the hard SHOULD
...
Adopts @turt2live's phrasing
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
5 years ago
Olivier Wilkinson (reivilibre)
7e85b9d56a
Acknowledge other potential error responses for fallback
...
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
5 years ago
Olivier Wilkinson (reivilibre)
97f856d706
Domain name is potentially personally-identifying
...
Thanks to @turt2live
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
5 years ago
David Baker
b9b984ae60
clarify
5 years ago
David Baker
229cb67b01
Apply suggestions from code review
...
Use fewer formal MUST etc in proposal
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
Andrew Morgan
7758e0701c
Remove homeserver warning
5 years ago
David Baker
2c8d112089
assign number
5 years ago
Andrew Morgan
2e2a74a235
Merge branch 'anoa/rebind_3pids' of github.com:matrix-org/matrix-doc into anoa/rebind_3pids
5 years ago
Andrew Morgan
2547cc443c
backticks
5 years ago
Andrew Morgan
01fc54faae
Update proposals/2229-rebind-existing-3pid.md
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
Andrew Morgan
5b1ea4ffcb
Update proposals/2229-rebind-existing-3pid.md
...
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
5 years ago
Andrew Morgan
cb1e3b8373
Take into account the 1 is case
5 years ago
Andrew Morgan
f313b49c26
Add bind def.
5 years ago
Andrew Morgan
be77b5823c
fix up
5 years ago
Andrew Morgan
6ed0ae36ba
rename msc #
5 years ago
Andrew Morgan
ed4d805d2f
flesh out
5 years ago
David Baker
6330fff5a4
Draft for IS URL in account data
5 years ago
Andrew Morgan
783fd78a6f
wip
5 years ago
Richard van der Hoff
353b6cd198
clarification
5 years ago
Hubert Chathi
7ed5367516
clarifications, fix formatting
5 years ago
Olivier Wilkinson (reivilibre)
60cbc4567b
Addresses some of Andrew's comments
...
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
5 years ago
Travis Ralston
a171d5f6fd
Check for a state_key on the tombstone push rule
...
This is an oversight from the proposal.
5 years ago
Travis Ralston
3087c76452
Merge pull request #2134 from matrix-org/hs/hash-identity
...
MSC2134: Identity Hash Lookups
5 years ago
Olivier Wilkinson (reivilibre)
493bb062af
MSC2197: update with privacy perspective
...
Includes recommendations for client developers.
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
5 years ago
Travis Ralston
a71757f1ee
Merge pull request #2174 from matrix-org/rav/proposals/move_redacts_key
...
MSC2174: Move the `redacts` key to a sane place
5 years ago
Luca Becker
25e3602bbe
3rd draft of MSC2209
5 years ago
Andrew Morgan
3edf5e3c16
Make hashes real values
5 years ago
Luca Becker
42dbeee7d3
MSC2209: 2nd draft @uhoregs changes
5 years ago
Luca Becker
ec37fe4427
first draft of MSC2209
5 years ago
Andrew Morgan
96e06b6f5f
Add line, britishise
5 years ago
Andrew Morgan
3877724774
fix speeling
5 years ago
Andrew Morgan
c401a4d47b
punctuation
5 years ago
Andrew Morgan
acf8d34474
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
5 years ago
Andrew Morgan
3789d828fd
Incorporate solution analysis from the context of attacks
5 years ago
Olivier Wilkinson (reivilibre)
36e43ee326
Rewrap lines in MSC2917 to 80 chars wide
...
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
5 years ago
Hubert Chathi
80adbaff4c
switch to MSC1946 for storing recovery key
5 years ago
Hubert Chathi
825757ffd8
add information about verifying backup by entering key
5 years ago
Hubert Chathi
bd9efcdf53
add some information and an example
5 years ago
Hubert Chathi
d47e13c6d9
this FIXME will be addressed in the key backup MSC
5 years ago
Hubert Chathi
395d40314b
fix typos and make valid JSON
5 years ago
Andrew Morgan
f989263872
MSC2181: Add an Error Code for Signaling a Deactivated User ( #2181 )
5 years ago
Richard van der Hoff
0c7c48bd12
MSC2175: Remove the `creator` field from `m.room.create` events ( #2175 )
...
Fixes #1193
5 years ago
Andrew Morgan
33d22c3320
hashes are not stream ciphers
5 years ago
Andrew Morgan
9913f5bc29
Slightly clarify pepper value
5 years ago
Andrew Morgan
57de107ea9
Move medium back behind the address
5 years ago
Richard van der Hoff
f1f293678b
Apply suggestions from code review
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
Co-Authored-By: Kitsune Ral <Kitsune-Ral@users.sf.net>
5 years ago
Olivier Wilkinson (reivilibre)
4c22eb86b5
MSC for Search Filtering in Federation /publicRooms
...
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
5 years ago
Andrew Morgan
c8527b7af8
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
5 years ago
Andrew Morgan
4d1f2ea4f4
Apply suggestions from code review
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
5 years ago
Andrew Morgan
6660768d85
Don't repeat fast hash bit
5 years ago
Andrew Morgan
027c2d7260
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
5 years ago
Andrew Morgan
a17c74f592
switch medium and address around, space between address and pepper
5 years ago
Andrew Morgan
5580a2a1a9
Update proposals/2134-identity-hash-lookup.md
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
5 years ago
Andrew Morgan
ffbfde8a09
Update proposals/2134-identity-hash-lookup.md
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
5 years ago
Andrew Morgan
87a54e8d8d
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
5 years ago
Andrew Morgan
6119b9a50d
*@hobnobbob.com is unlikely to be guessed
5 years ago
Andrew Morgan
20c72a3649
Update proposals/2134-identity-hash-lookup.md
...
Co-Authored-By: David Baker <dbkr@users.noreply.github.com>
5 years ago
Andrew Morgan
0ac70b268a
Clarify peppering should not happen on none algo
5 years ago
Andrew Morgan
da876bb340
missing word
5 years ago
Andrew Morgan
c6dd5951a1
Clients can cache the hash details if they want to
5 years ago
Andrew Morgan
8f3e588708
pepper is not a secret val. Still needs to be around.
5 years ago
Andrew Morgan
3b8c57e06c
Don't require servers/clients to support "none"
5 years ago
Andrew Morgan
3031df79cc
Add example for none algo
5 years ago
Andrew Morgan
9fd6bd3184
Add details about why this proposal should exist
5 years ago
Andrew Morgan
b26a9ed1fd
Expand on why we can't trust dirty homeservers
5 years ago
Andrew Morgan
577021f12b
resolve some comments
5 years ago
Richard van der Hoff
9e264fedc9
Updates
...
* preserve *all* of `create`
* don't preserve `notifications` or `algorithm`, and add some justifcation.
5 years ago
Andrew Morgan
887cd5e7d0
I really hope someone doesn't invest none-hash
5 years ago
Andrew Morgan
0444c8016b
review comments
5 years ago
Richard van der Hoff
4503327450
Add some compatibility hacks.
5 years ago
Richard van der Hoff
d324cac847
preserve powerlevel
5 years ago
Richard van der Hoff
b49a950245
Update proposals/2176-update-redaction-rules.md
...
fix typo
Co-Authored-By: Kitsune Ral <Kitsune-Ral@users.sf.net>
5 years ago
Sorunome
9ebcff5758
fix typo, add section on html details element
5 years ago
Andrew Morgan
36cb8ed894
none -> m.none
5 years ago
Sorunome
1f786ae6dc
commit image into repo, fix typo
5 years ago
David Baker
d9269b084f
Exclude pubkey endpoints from auth
5 years ago
David Baker
a1de6ff634
Hopefully clarify some bits
5 years ago
Richard van der Hoff
cd5549d483
Proposal to update the redaction algorithm
5 years ago
Richard van der Hoff
b09d48a9f7
Spec link
5 years ago
Richard van der Hoff
78d46b2890
Proposal to move the `redacts` key to a sane place
5 years ago
David Baker
25a47afa32
unnecessary capital mk. 2
...
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
5 years ago
David Baker
6e061b1baf
unnecessary capital
...
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
5 years ago
David Baker
f474b31f5f
typo
...
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
5 years ago
Andrew Morgan
3514437d24
Ability for client/server to decide on no hashing
5 years ago
David Baker
9bb6ad80d1
typo
5 years ago
Andrew Morgan
ed67e26037
pepper must not be an empty string, append medium
5 years ago
Andrew Morgan
1963a24832
fix attacks paragraph
5 years ago
Andrew Morgan
dd8a6549c9
Address review comments
5 years ago
David Baker
701d340da1
Remove exception for request/submitToken
5 years ago
David Baker
bf8a1e5d5f
Add way to get the HS to bind/unbind existing 3pids
5 years ago
Andrew Morgan
3702669424
update from comments
5 years ago
David Baker
30dcc28f9b
try & clarify that HS signature isn't the only acceptable auth for unbind
5 years ago
Andrew Morgan
f4a1e02884
simple method once more
5 years ago
Hubert Chathi
4d31ddc8c9
additions and clarifications
...
- indicate how to use MSC 1946 to store/share private keys
- add signing by devices to enable migrating from device verifications
- add information about signature upload failures and M_INVALID_SIGNATURE code
- add security consideration
5 years ago
Andrew Morgan
53bd384f2e
Clarify salting
5 years ago
Hubert Chathi
3aaf181db2
rename some things and add clarification
5 years ago
David Baker
1a669348d8
http status code
5 years ago
David Baker
d15c9df115
fullstop
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
David Baker
e28f7aad72
slash
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
David Baker
4c72c37b80
slash
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
David Baker
10858bf83b
set account data after registration
5 years ago
David Baker
79dbad2914
remove acceptance token mention
5 years ago
David Baker
ac6b9bdb7c
s/deprecate/remove/
5 years ago
David Baker
7f65364804
Typo
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
David Baker
03e6ab0103
re-word double openid
5 years ago
David Baker
d00dfb7822
exclude submittoken too
5 years ago
David Baker
f02e4c2e9c
both registers are excluded from auth
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
David Baker
5374030cc0
Drop application/x-form-www-urlencoded in v2
5 years ago
David Baker
2d11217d4e
Typo
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
David Baker
8af35be13f
Typo
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
Andrew Morgan
922a20ba26
small fixes
5 years ago
Andrew Morgan
6f81d3774b
New hashing method
5 years ago
David Baker
fe14d3c9f0
Spec terms response
6 years ago
David Baker
786d5bc281
rewrite UI auth tradeoffs
6 years ago
David Baker
45d630951c
back to M_TERMS_NOT_SIGNED
6 years ago
David Baker
83bb3861ba
line wrap
6 years ago
Travis Ralston
8897ea4bb1
Merge branch 'master' into travis/msc/integrations/discovery
6 years ago
Travis Ralston
a2a7b7ff13
Merge branch 'master' into travis/msc/integrations/auth
6 years ago
Travis Ralston
bfd8e52c23
Formatting
6 years ago
Travis Ralston
d8283b9cdf
Add option to use query string
6 years ago
Travis Ralston
e80753e56c
Add .well-known discovery
6 years ago
David Baker
4be283ccb3
Typing
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
6 years ago
David Baker
f95197b422
make the many-anded sentence a list
6 years ago
David Baker
10a6a59a12
Deprecate `bind_email` / `bind_msisdn`
6 years ago
David Baker
b5326de1c4
Exclude requestToken endpoints from auth requirement
6 years ago
Sorunome
540aab82a1
accidentally formatted the wrong entry
6 years ago
Sorunome
6260871a21
spoiler fallback to uploaded media
6 years ago
David Baker
21b9eaf8de
No custom HTTP headers
...
Use the obvious way: in the same place as the ID server address
6 years ago
David Baker
2694bb1090
Add really horrible custom HTTP header
...
for giving the IS token to the HS
6 years ago
David Baker
58cf083a6a
backwards compat
6 years ago
David Baker
6273868323
Clarify v1 API deprecation
6 years ago
David Baker
4edf826c93
Capitalise on our identifiers
6 years ago
David Baker
ba7047ce77
Clarify we must be accepting HS auth
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
6 years ago
David Baker
1d75828c71
Clarify what to do if no (new) docs
6 years ago
David Baker
af691b5a8a
Clarify this applies to 2134
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
6 years ago
David Baker
57094276ce
Typing hard is
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
6 years ago
Andrew Morgan
7549c5dd76
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
6 years ago
Andrew Morgan
0fd4fe2542
Add algo/pepper to err resp
6 years ago
Andrew Morgan
dfb37fcce1
update with feedback
6 years ago
Andrew Morgan
df88b13ce1
Update proposals/2134-identity-hash-lookup.md
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
6 years ago
David Baker
9e0d8b9cb2
Use M_CONSENT_NOT_GIVEN
...
No idea where I got the other one from: we already have one in the
spec, so use it.
6 years ago
David Baker
0dae2d5812
GET terms must be unauthed.
...
Detail process for new auth (don't register until consent given).
Specifically mention the authentication header.
6 years ago
Sorunome
4f83cc1c24
moved client spoiler conversion to potential issues
6 years ago
David Baker
6f374dc981
Re-write for OpenID auth
6 years ago
David Baker
2c09580e27
line wrap
6 years ago
Andrew Morgan
96e43aaf45
Define what characters lookup_pepper can consist of
6 years ago
Andrew Morgan
f951f312e1
Fix terrible wording
6 years ago