archive
/
matrix-spec
mirror of https://github.com/matrix-org/matrix-spec
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
dbkr/msc4178
release/v1.11
tulir/msc4142
release/v1.10
travis/msc2702-msc2701
rav/ref_objects_in_params
dkasak/foldable-sidebar
travis/knock-join
release/v1.9
release/v1.8
anoa/update_docsy
anoa/nix_flake
dbkr/3077-multi-stream-voip
release/v1.7
dbkr/2746-reliable-voip
rav/links_for_object_defs
release/v1.6
release/v1.5
release/v1.4
anoa/invite_knock_room_state
release/v1.3
push_gateway/r0.1.0
r0.0.0
0.2.0
application_service/r0.1.0
application_service/r0.1.1
application_service/r0.1.2
client-server/0.3.0
client-server/r0.1.0
client-server/r0.2.0
client-server/r0.3.0
client_server/r0.4.0
client_server/r0.5.0
client_server/r0.6.0
client_server/r0.6.1
identity_service/r0.1.0
identity_service/r0.2.0
identity_service/r0.2.1
identity_service/r0.3.0
push_gateway/r0.1.1
r0.0.1
server_server/r0.1.0
server_server/r0.1.1
server_server/r0.1.2
server_server/r0.1.3
server_server/r0.1.4
v1.1
v1.10
v1.11
v1.2
v1.3
v1.4
v1.5
v1.6
v1.7
v1.8
v1.9
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5f5f99fcc1'
${ noResults }
matrix-spec/proposals/2366-key-verification-accep...

2.6 KiB
Raw Blame History

Key verification flow addition: m.key.verification.accept

The current key verification framework is asymmetrical in that the user who requests the verification is unable to select the key verification method. This makes it harder for more experienced users who wish to guide less experienced users through the verification process, especially if they are not verifying in-person, but are using a trusted but remote channel of verification (such as telephone or video conference).

Proposal

A new event type is added to the key verification framework: m.key.verification.accept, which may be sent by the target of the m.key.verification.request message, upon receipt of the m.key.verification.request event. It has the fields:

  • from_device: the ID of the device that sent the m.key.verification.accept message
  • methods: an array of verification methods that the device supports

It also has the usual transaction_id or m.relates_to fields for key verification events, depending on whether it is sent as a to-device event or an in-room event.

After the m.key.verification.accept event is sent, either party can send an m.key.verification.start event to begin the verification. If both parties send an m.key.verification.start event, and they both specify the same verification method, then the event sent by the user whose user ID is the smallest is used, and the other m.key.verification.start event is ignored. In the case of a single user verifying two of their devices, the device ID is compared instead. If both parties send an m.key.verification.start event, but they specify different verification methods, the verification should be cancelled with a code of m.unexpected_message.

The m.key.verification.accept event is optional; the recipient of the m.key.verification.request event may respond directly with a m.key.verification.start event instead. This is for compatibility with the current version of the spec.

Potential issues

There are now three possible ways that a key verification can be performed:

  1. A device begins a verification by sending an m.key.verification.start event. This is only possible for to-device verification.
  2. A device sends an m.key.verification.request event and the recipient replies with an m.key.verification.start event.
  3. A device sends an m.key.verification.request event and the recipient replies with an m.key.verification.accept event, and which point, either device can send an m.key.verification.start event to begin the verification.

This increases the complexity of implementations.