Andrew Morgan
01fc54faae
Update proposals/2229-rebind-existing-3pid.md
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
Andrew Morgan
5b1ea4ffcb
Update proposals/2229-rebind-existing-3pid.md
...
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
5 years ago
Andrew Morgan
cb1e3b8373
Take into account the 1 is case
5 years ago
Andrew Morgan
f313b49c26
Add bind def.
5 years ago
Andrew Morgan
be77b5823c
fix up
5 years ago
Andrew Morgan
6ed0ae36ba
rename msc #
5 years ago
Andrew Morgan
ed4d805d2f
flesh out
5 years ago
David Baker
6330fff5a4
Draft for IS URL in account data
5 years ago
Andrew Morgan
783fd78a6f
wip
5 years ago
Richard van der Hoff
353b6cd198
clarification
5 years ago
Hubert Chathi
7ed5367516
clarifications, fix formatting
5 years ago
Olivier Wilkinson (reivilibre)
60cbc4567b
Addresses some of Andrew's comments
...
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
5 years ago
Travis Ralston
a171d5f6fd
Check for a state_key on the tombstone push rule
...
This is an oversight from the proposal.
5 years ago
Travis Ralston
3087c76452
Merge pull request #2134 from matrix-org/hs/hash-identity
...
MSC2134: Identity Hash Lookups
5 years ago
Olivier Wilkinson (reivilibre)
493bb062af
MSC2197: update with privacy perspective
...
Includes recommendations for client developers.
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
5 years ago
Travis Ralston
a71757f1ee
Merge pull request #2174 from matrix-org/rav/proposals/move_redacts_key
...
MSC2174: Move the `redacts` key to a sane place
5 years ago
Andrew Morgan
3edf5e3c16
Make hashes real values
5 years ago
Andrew Morgan
96e06b6f5f
Add line, britishise
5 years ago
Andrew Morgan
3877724774
fix speeling
5 years ago
Andrew Morgan
c401a4d47b
punctuation
5 years ago
Andrew Morgan
acf8d34474
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
5 years ago
Andrew Morgan
3789d828fd
Incorporate solution analysis from the context of attacks
5 years ago
Olivier Wilkinson (reivilibre)
36e43ee326
Rewrap lines in MSC2917 to 80 chars wide
...
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
5 years ago
Hubert Chathi
80adbaff4c
switch to MSC1946 for storing recovery key
5 years ago
Hubert Chathi
825757ffd8
add information about verifying backup by entering key
5 years ago
Hubert Chathi
bd9efcdf53
add some information and an example
5 years ago
Hubert Chathi
d47e13c6d9
this FIXME will be addressed in the key backup MSC
5 years ago
Hubert Chathi
395d40314b
fix typos and make valid JSON
5 years ago
Andrew Morgan
f989263872
MSC2181: Add an Error Code for Signaling a Deactivated User ( #2181 )
5 years ago
Richard van der Hoff
0c7c48bd12
MSC2175: Remove the `creator` field from `m.room.create` events ( #2175 )
...
Fixes #1193
5 years ago
Andrew Morgan
33d22c3320
hashes are not stream ciphers
5 years ago
Andrew Morgan
9913f5bc29
Slightly clarify pepper value
5 years ago
Andrew Morgan
57de107ea9
Move medium back behind the address
5 years ago
Richard van der Hoff
f1f293678b
Apply suggestions from code review
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
Co-Authored-By: Kitsune Ral <Kitsune-Ral@users.sf.net>
5 years ago
Olivier Wilkinson (reivilibre)
4c22eb86b5
MSC for Search Filtering in Federation /publicRooms
...
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
5 years ago
Andrew Morgan
c8527b7af8
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
5 years ago
Andrew Morgan
4d1f2ea4f4
Apply suggestions from code review
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
5 years ago
Andrew Morgan
6660768d85
Don't repeat fast hash bit
5 years ago
Andrew Morgan
027c2d7260
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
5 years ago
Andrew Morgan
a17c74f592
switch medium and address around, space between address and pepper
5 years ago
Andrew Morgan
5580a2a1a9
Update proposals/2134-identity-hash-lookup.md
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
5 years ago
Andrew Morgan
ffbfde8a09
Update proposals/2134-identity-hash-lookup.md
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
5 years ago
Andrew Morgan
87a54e8d8d
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
5 years ago
Andrew Morgan
6119b9a50d
*@hobnobbob.com is unlikely to be guessed
5 years ago
Andrew Morgan
20c72a3649
Update proposals/2134-identity-hash-lookup.md
...
Co-Authored-By: David Baker <dbkr@users.noreply.github.com>
5 years ago
Andrew Morgan
0ac70b268a
Clarify peppering should not happen on none algo
5 years ago
Andrew Morgan
da876bb340
missing word
5 years ago
Andrew Morgan
c6dd5951a1
Clients can cache the hash details if they want to
5 years ago
Andrew Morgan
8f3e588708
pepper is not a secret val. Still needs to be around.
5 years ago
Andrew Morgan
3b8c57e06c
Don't require servers/clients to support "none"
5 years ago
Andrew Morgan
3031df79cc
Add example for none algo
5 years ago
Andrew Morgan
9fd6bd3184
Add details about why this proposal should exist
5 years ago
Andrew Morgan
b26a9ed1fd
Expand on why we can't trust dirty homeservers
5 years ago
Andrew Morgan
577021f12b
resolve some comments
5 years ago
Richard van der Hoff
9e264fedc9
Updates
...
* preserve *all* of `create`
* don't preserve `notifications` or `algorithm`, and add some justifcation.
5 years ago
Andrew Morgan
887cd5e7d0
I really hope someone doesn't invest none-hash
5 years ago
Andrew Morgan
0444c8016b
review comments
5 years ago
Richard van der Hoff
4503327450
Add some compatibility hacks.
5 years ago
Richard van der Hoff
d324cac847
preserve powerlevel
5 years ago
Richard van der Hoff
b49a950245
Update proposals/2176-update-redaction-rules.md
...
fix typo
Co-Authored-By: Kitsune Ral <Kitsune-Ral@users.sf.net>
5 years ago
Sorunome
9ebcff5758
fix typo, add section on html details element
5 years ago
Andrew Morgan
36cb8ed894
none -> m.none
5 years ago
Sorunome
1f786ae6dc
commit image into repo, fix typo
5 years ago
David Baker
d9269b084f
Exclude pubkey endpoints from auth
5 years ago
David Baker
a1de6ff634
Hopefully clarify some bits
5 years ago
Richard van der Hoff
cd5549d483
Proposal to update the redaction algorithm
5 years ago
Richard van der Hoff
b09d48a9f7
Spec link
5 years ago
Richard van der Hoff
78d46b2890
Proposal to move the `redacts` key to a sane place
5 years ago
David Baker
25a47afa32
unnecessary capital mk. 2
...
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
5 years ago
David Baker
6e061b1baf
unnecessary capital
...
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
5 years ago
David Baker
f474b31f5f
typo
...
Co-Authored-By: J. Ryan Stinnett <jryans@gmail.com>
5 years ago
Andrew Morgan
3514437d24
Ability for client/server to decide on no hashing
5 years ago
David Baker
9bb6ad80d1
typo
5 years ago
Andrew Morgan
ed67e26037
pepper must not be an empty string, append medium
5 years ago
Andrew Morgan
1963a24832
fix attacks paragraph
5 years ago
Andrew Morgan
dd8a6549c9
Address review comments
5 years ago
David Baker
701d340da1
Remove exception for request/submitToken
5 years ago
David Baker
bf8a1e5d5f
Add way to get the HS to bind/unbind existing 3pids
5 years ago
Andrew Morgan
3702669424
update from comments
5 years ago
David Baker
30dcc28f9b
try & clarify that HS signature isn't the only acceptable auth for unbind
5 years ago
Andrew Morgan
f4a1e02884
simple method once more
5 years ago
Hubert Chathi
4d31ddc8c9
additions and clarifications
...
- indicate how to use MSC 1946 to store/share private keys
- add signing by devices to enable migrating from device verifications
- add information about signature upload failures and M_INVALID_SIGNATURE code
- add security consideration
5 years ago
Andrew Morgan
53bd384f2e
Clarify salting
5 years ago
Hubert Chathi
3aaf181db2
rename some things and add clarification
5 years ago
David Baker
1a669348d8
http status code
5 years ago
David Baker
d15c9df115
fullstop
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
David Baker
e28f7aad72
slash
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
David Baker
4c72c37b80
slash
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
David Baker
10858bf83b
set account data after registration
5 years ago
David Baker
79dbad2914
remove acceptance token mention
5 years ago
David Baker
ac6b9bdb7c
s/deprecate/remove/
5 years ago
David Baker
7f65364804
Typo
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
David Baker
03e6ab0103
re-word double openid
5 years ago
David Baker
d00dfb7822
exclude submittoken too
5 years ago
David Baker
f02e4c2e9c
both registers are excluded from auth
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
David Baker
5374030cc0
Drop application/x-form-www-urlencoded in v2
5 years ago
David Baker
2d11217d4e
Typo
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
David Baker
8af35be13f
Typo
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
Andrew Morgan
922a20ba26
small fixes
5 years ago
Andrew Morgan
6f81d3774b
New hashing method
5 years ago
David Baker
fe14d3c9f0
Spec terms response
5 years ago
David Baker
786d5bc281
rewrite UI auth tradeoffs
5 years ago
David Baker
45d630951c
back to M_TERMS_NOT_SIGNED
5 years ago
David Baker
83bb3861ba
line wrap
5 years ago
Travis Ralston
8897ea4bb1
Merge branch 'master' into travis/msc/integrations/discovery
5 years ago
Travis Ralston
a2a7b7ff13
Merge branch 'master' into travis/msc/integrations/auth
5 years ago
Travis Ralston
bfd8e52c23
Formatting
5 years ago
Travis Ralston
d8283b9cdf
Add option to use query string
5 years ago
Travis Ralston
e80753e56c
Add .well-known discovery
5 years ago
David Baker
4be283ccb3
Typing
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
David Baker
f95197b422
make the many-anded sentence a list
5 years ago
David Baker
10a6a59a12
Deprecate `bind_email` / `bind_msisdn`
5 years ago
David Baker
b5326de1c4
Exclude requestToken endpoints from auth requirement
5 years ago
Sorunome
540aab82a1
accidentally formatted the wrong entry
5 years ago
Sorunome
6260871a21
spoiler fallback to uploaded media
5 years ago
David Baker
21b9eaf8de
No custom HTTP headers
...
Use the obvious way: in the same place as the ID server address
5 years ago
David Baker
2694bb1090
Add really horrible custom HTTP header
...
for giving the IS token to the HS
5 years ago
David Baker
58cf083a6a
backwards compat
5 years ago
David Baker
6273868323
Clarify v1 API deprecation
5 years ago
David Baker
4edf826c93
Capitalise on our identifiers
5 years ago
David Baker
ba7047ce77
Clarify we must be accepting HS auth
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
David Baker
1d75828c71
Clarify what to do if no (new) docs
5 years ago
David Baker
af691b5a8a
Clarify this applies to 2134
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
David Baker
57094276ce
Typing hard is
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
Andrew Morgan
7549c5dd76
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
5 years ago
Andrew Morgan
0fd4fe2542
Add algo/pepper to err resp
5 years ago
Andrew Morgan
dfb37fcce1
update with feedback
5 years ago
Andrew Morgan
df88b13ce1
Update proposals/2134-identity-hash-lookup.md
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
5 years ago
David Baker
9e0d8b9cb2
Use M_CONSENT_NOT_GIVEN
...
No idea where I got the other one from: we already have one in the
spec, so use it.
5 years ago
David Baker
0dae2d5812
GET terms must be unauthed.
...
Detail process for new auth (don't register until consent given).
Specifically mention the authentication header.
5 years ago
Sorunome
4f83cc1c24
moved client spoiler conversion to potential issues
5 years ago
David Baker
6f374dc981
Re-write for OpenID auth
5 years ago
David Baker
2c09580e27
line wrap
5 years ago
Andrew Morgan
96e43aaf45
Define what characters lookup_pepper can consist of
5 years ago
Andrew Morgan
f951f312e1
Fix terrible wording
5 years ago
Andrew Morgan
fae6883cc0
Update with review comments
5 years ago
Andrew Morgan
0a4c83ddb9
no plural. 3pid -> 3PID
5 years ago
Andrew Morgan
36a35a33cc
Clarify how the spec defines hashing algs
5 years ago
Andrew Morgan
ee10576d60
Update with feedback
5 years ago
David Baker
abb407145a
HS docs must be added too
...
also, unbind must not error when called by HSes and proxy terms token
5 years ago
David Baker
8ae47557c9
s/Third Party/Accepted/
5 years ago
David Baker
2555801458
m.third_party_terms -> m.accepted_terms
...
as it will have the HS's terms too
5 years ago
David Baker
4ba9b2a599
perfix
5 years ago
David Baker
a63e4420eb
Linkify
...
Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
5 years ago
Andrew Morgan
02ac0f3b33
Give the user control!
5 years ago
Andrew Morgan
acdb2b1b42
Merge branch 'hs/hash-identity' of github.com:matrix-org/matrix-doc into hs/hash-identity
5 years ago
Andrew Morgan
e3ff80291f
http err codes and hash wording fixes
5 years ago
Travis Ralston
21e93a123e
Naming and capitalization
5 years ago
Andrew Morgan
53f025edfc
Specify optional pepper rotation period
5 years ago
Andrew Morgan
2383a55720
404 for deprecated endpoint
5 years ago
Andrew Morgan
c63edc7b97
Clean up wording around peppers and hashes
5 years ago
Andrew Morgan
e3b2ad38b5
pepper -> lookup_pepper
5 years ago
Andrew Morgan
1fea604ba9
Don't define error message
5 years ago
David Baker
9ca3ccc81c
Add requirments section for de-duping between services.
5 years ago
David Baker
d4ca0c237a
Specify ID grammar and add comma
5 years ago
David Baker
276e2b6843
Typo
...
Co-Authored-By: Travis Ralston <travpc@gmail.com>
5 years ago
David Baker
cf48030d1f
One more tradeoff
5 years ago
David Baker
32c7fc638d
you have a number now
5 years ago
David Baker
23af87e9fc
Proposal for IS & IM TOS API
5 years ago
Andrew Morgan
1343e19a6d
Specify hash algorithm and fallback considerations
5 years ago
Andrew Morgan
f28476f0f3
line wrap and fix wording
5 years ago
Andrew Morgan
3ee27d3818
salt->pepper. 1 pepper/is. add multi-hash idea
5 years ago
Andrew Morgan
f41ed02c9e
remove sec concerns
5 years ago
Andrew Morgan
6bb4a9e911
Add per-is salt consideration
5 years ago
Andrew Morgan
5049e552e7
Drop /api from the new endpoint
5 years ago
Andrew Morgan
bc9b6c3659
Add salt to example and signal link
5 years ago
Andrew Morgan
063b9f60e0
Require a salt to defend against rainbow tables
5 years ago
Andrew Morgan
d2b47a585d
Allow for changing the hashing algo and add at-rest details
5 years ago
Will Hunt
f8dbf2b360
Update proposals/2134-identity-hash-lookup.md
...
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
5 years ago
Will Hunt
12431f1a4e
Base64 potential issue
6 years ago
Will Hunt
8b92df74ab
s/medium/address
6 years ago
Will Hunt
a8c26d208b
Wrap
6 years ago
Will Hunt
3eff76b00a
MSC 2134
6 years ago
Sorunome
26349417ba
update spoiler render idea
6 years ago
Travis Ralston
fc1d8f184d
Merge pull request #2078 from matrix-org/anoa/msc2078
...
MSC2078: Sending Third-Party Request Tokens via the Homeserver
6 years ago
Travis Ralston
65c3935419
Merge pull request #2076 from matrix-org/rav/proposal/enforce_key_validity_periods
...
MSC2076: Enforce key-validity periods when validating event signatures
6 years ago
Travis Ralston
19575eb4d4
Merge pull request #2077 from matrix-org/rav/proposal/room_v5
...
MSC2077: room v5
6 years ago
Matthew Hodgson
950415c72a
Merge branch 'master' into matthew/msc1779
6 years ago
Matthew Hodgson
be568ba9ab
link to the legalified version of MSC1779
6 years ago
Travis Ralston
9cf03325b9
Merge pull request #2046 from matrix-org/travis/1.0/msc1915-unbind
...
Spec 3PID unbind API
6 years ago
Andrew Morgan
45e271c0f7
be super explicit
6 years ago
Andrew Morgan
7f65704ebc
Update wording and answer review comments
6 years ago
Andrew Morgan
3e23dde341
Be clear that any 3PID token request can now be done by the hs
6 years ago
Andrew Morgan
9000247008
Merge branch 'anoa/msc2078' of github.com:matrix-org/matrix-doc into anoa/msc2078
...
* 'anoa/msc2078' of github.com:matrix-org/matrix-doc:
Update proposals/2078-homeserver-password-resets.md
6 years ago
Andrew Morgan
d3f21e0360
Address review comments
6 years ago
Andrew Morgan
e49518099d
Be explicit with request/responses
6 years ago
Andrew Morgan
395acf8e06
Update proposals/2078-homeserver-password-resets.md
...
Co-Authored-By: Hubert Chathi <hubert@uhoreg.ca>
6 years ago
Andrew Morgan
6bb48723e8
The HS can send any URL
6 years ago
Andrew Morgan
6e0af5e64c
If no submit_url, just send it to the IS as before
6 years ago
Andrew Morgan
4174b61279
submit_url only if the user has to enter the code somewhere
6 years ago
Andrew Morgan
8259ae292a
Capitalise SMS
6 years ago
Andrew Morgan
7e18c5d5a8
Add new submit_url response field
6 years ago
Andrew Morgan
8cba7adcdf
Clarify conditions for attack
6 years ago
Andrew Morgan
085c5667a4
wrap lines
6 years ago
Andrew Morgan
1956f1a916
Revert "Remove attacker bit"
...
This reverts commit c9711acbc5
.
6 years ago
Andrew Morgan
c9711acbc5
Remove attacker bit
6 years ago
Andrew Morgan
4e692735f5
Update some wording
6 years ago
Andrew Morgan
cf932ad4f8
msc2078 - proposal for homeservers sending passwords reset requests
6 years ago
Richard van der Hoff
40b10f254b
clarifications
6 years ago
Richard van der Hoff
3347a480eb
fix typo
6 years ago