Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

spec should be clearer about how to handle m.room.encryption events #535

Open
uhoreg opened this issue Aug 31, 2019 · 4 comments
Open

spec should be clearer about how to handle m.room.encryption events #535

uhoreg opened this issue Aug 31, 2019 · 4 comments
Labels
A-Client-Server Issues affecting the CS API A-E2EE Issues about end-to-end encryption clarification An area where the expected behaviour is understood, but the spec could do with being more explicit enhancement A suggestion for a relatively simple improvement to the protocol security

Comments

@uhoreg
Copy link
Member

uhoreg commented Aug 31, 2019

For example, how to interpret:

  • m.room.encryption events that have been redacted
    • when you're in the room when the event is redacted
    • when you join the room after the event is redacted and so don't see the original event
  • m.room.encryption events that are "invalid"
    • missing fields
    • use an algorithm that you don't understand
  • multiple m.room.encryption events
@uhoreg
Copy link
Member Author

uhoreg commented Aug 31, 2019

e.g. see discussion at matrix-org/matrix-spec-proposals#2176 (comment)

@uhoreg uhoreg mentioned this issue Aug 31, 2019
Merged
@turt2live
Copy link
Member

this can probably all be solved in a single MSC ftr. The current recommendations that would be put into the spec still have holes.

@turt2live turt2live added clarification An area where the expected behaviour is understood, but the spec could do with being more explicit A-Client-Server Issues affecting the CS API enhancement A suggestion for a relatively simple improvement to the protocol labels Aug 31, 2019
@richvdh richvdh mentioned this issue Sep 2, 2019
Open
@uhoreg uhoreg added the A-E2EE Issues about end-to-end encryption label Sep 11, 2019
@uhoreg uhoreg mentioned this issue Sep 11, 2019
Open
@richvdh richvdh transferred this issue from matrix-org/matrix-spec-proposals Mar 1, 2022
@dkasak dkasak added the security label May 3, 2023
@dkasak
Copy link
Member

dkasak commented Jun 9, 2023

I propose that we should treat any change in the algorithm as breaking the room. It's the simplest and most obviously secure choice, and the algorithm can easily be changed by tombstoning the room.

@Mikaela
Copy link

Mikaela commented Mar 2, 2024

https://spec.matrix.org/v1.9/client-server-api/#events-8 has this event:

{
  "algorithm": "m.megolm.v1.aes-sha2",
  "rotation_period_ms": 604800000,
  "rotation_period_msgs": 100
}

I understand that I am not allowed to touch algorithm, but how about rotation_period_ms and rotation_period_msgs? Setting them to the recommended defaults in the link breaks Element Web and I don't see anything forbidding me from touching them if I want to.

If I understood correctly, this particular case is also tracked at element-hq/element-web#27103.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-Client-Server Issues affecting the CS API A-E2EE Issues about end-to-end encryption clarification An area where the expected behaviour is understood, but the spec could do with being more explicit enhancement A suggestion for a relatively simple improvement to the protocol security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@dkasak @Mikaela @uhoreg @turt2live