You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
60 lines
2.4 KiB
ReStructuredText
60 lines
2.4 KiB
ReStructuredText
.. Copyright 2019 The Matrix.org Foundation C.I.C.
|
|
..
|
|
.. Licensed under the Apache License, Version 2.0 (the "License");
|
|
.. you may not use this file except in compliance with the License.
|
|
.. You may obtain a copy of the License at
|
|
..
|
|
.. http://www.apache.org/licenses/LICENSE-2.0
|
|
..
|
|
.. Unless required by applicable law or agreed to in writing, software
|
|
.. distributed under the License is distributed on an "AS IS" BASIS,
|
|
.. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
.. See the License for the specific language governing permissions and
|
|
.. limitations under the License.
|
|
|
|
Room Version 5
|
|
==============
|
|
|
|
This room version builds on `version 4 <v4.html>`_ while enforcing signing
|
|
key validity periods for events.
|
|
|
|
.. contents:: Table of Contents
|
|
.. sectnum::
|
|
|
|
|
|
Client considerations
|
|
---------------------
|
|
|
|
There are no specific requirements for clients in this room version. Clients should
|
|
be aware of event ID changes in `room version 4 <v4.html>`_, however.
|
|
|
|
|
|
Server implementation components
|
|
--------------------------------
|
|
|
|
.. WARNING::
|
|
The information contained in this section is strictly for server implementors.
|
|
Applications which use the Client-Server API are generally unaffected by the
|
|
intricacies contained here. The section above regarding client considerations
|
|
is the resource that Client-Server API use cases should reference.
|
|
|
|
|
|
Room version 5 uses the same algorithms defined in `room version 4 <v4.html>`_, ensuring
|
|
that signing key validity is respected.
|
|
|
|
Signing key validity period
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
When validating event signatures, servers MUST enforce the ``valid_until_ts`` property
|
|
from a key request is at least as large as the ``origin_server_ts`` for the event being
|
|
validated. Servers missing a copy of the signing key MUST try to obtain one via the
|
|
`GET /_matrix/key/v2/server <../server_server/r0.1.1.html#get-matrix-key-v2-server-keyid>`_
|
|
or `POST /_matrix/key/v2/query <../server_server/r0.1.1.html#post-matrix-key-v2-query>`_
|
|
APIs. When using the ``/query`` endpoint, servers MUST set the ``minimum_valid_until_ts``
|
|
property to prompt the notary server to attempt to refresh the key if appropriate.
|
|
|
|
Servers MUST use the lesser of ``valid_until_ts`` and 7 days into the future when
|
|
determining if a key is valid. This is to avoid a situation where an attacker
|
|
publishes a key which is valid for a significant amount of time without a way for
|
|
the homeserver owner to revoke it.
|