-
Notifications
You must be signed in to change notification settings - Fork 386
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MSC2366: Key verification flow additions: m.key.verification.ready and m.key.verification.done #2366
Conversation
m.key.verification.accept
m.key.verification.accept
m.key.verification.accept
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good overall!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
seems sensible
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this MSC could do with a TL;DR as I'm failing to parse how the new event type helps achieve the "more experienced user helping the less experienced user" story.
Could you put in a quick example of this please?
@anoadragon453 I've added an example. |
@mscbot fcp merge |
Team member @richvdh has proposed to merge this. The next step is review by the rest of the tagged people: Concerns:
Once at least 75% of reviewers approve (and there are no outstanding concerns), this will enter its final comment period. If you spot a major issue that hasn't been raised at any point in this process, please speak up! See this document for information about what commands tagged team members can give me. |
and in to-device messages to accept verifications requested using an | ||
`m.key.verification.request` event. | ||
|
||
The second event type is `m.key.verification.done`, which has no fields other |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How long should the other client wait until it receives a done, as old clients won't send that? The normal timeout of 10min sounds pretty long.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have the same question. Riot doesn't send this, when you are not verifying in DMs it seems. So we kinda need a behaviour for the transition phase, when a client follows the current spec.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
when you are not verifying in DMs
It seems to be only sent, when verifying via DMs. So it seems like it is not sent in to_device messaging. This proposal suggests, that clients would be sending them already, but they don't. Unless I am missing something.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, sorry. I read your sentence several times, and managed to miss the "not" every time. :-/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I just tried in Element Web in a non-DM self-verification, and it does send an m.key.verification.ready
in response to m.key.verification.request
. Trying to directly verify another user's device seems to send an m.key.verification.start
directly, so it is not affected by this case.
I haven't tried Element Android or Element iOS yet.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, that matches my tests as well. It can deal with request, but if you start it from Element, it uses start (for to_device verifications).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I just tested Element Web, and it sent an m.key.verification.done
after verifying using to-device. I haven't tested Android or iOS. In response to the original question in this thread:
How long should the other client wait until it receives a done, as old clients won't send that?
I think that we're at the point where we don't need to worry about "old" clients (it looks like Element is doing this, and just waiting until the normal timeout), but if you do want to worry about old clients, you could 1) wait for the .done
, but allow the user to exit the verification UI, or 2) exit the verification UI once it's completed on your side, without waiting for the .done
to come in from the other user.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does element-web also send a .done
if you don't initiate verification via popup but via the device menu on the right? The device menu on the right also skips the .request
and starts directly with a .start
, so yeah
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes. I tested initialting verification both via the popup and via the device menu. In both situations, it sent the .done
in my tests. (I also noticed that initiating from the device menu skipped the .request
step.)
`m.key.verification.start` event to begin the verification. If both parties | ||
send an `m.key.verification.start` event, and they both specify the same | ||
verification method, then the event sent by the user whose user ID is the | ||
lexicographically smallest is used, and the other `m.key.verification.start` event is ignored. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's not immediately obvious that this algorithm solves the glare proble. I think it is robust, but when it lands in the specit would be good to clairify exactly what "used" means here, and to add some walk throughs and/or sequence diagrams.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
An implementation of this proposal is currently available in Element Web.
LGTM.
🔔 This is now entering its final comment period, as per the review above. 🔔 |
The final comment period, with a disposition to merge, as per the review above, is now complete. |
Merged! 🎉 |
Rendered