[Members] Looking at the Matrix e2e specs...
winfried at tilanus.com
Fri Jan 10 15:17:12 UTC 2020
Am I missing something while reading the Matrix e2e spec or does it rely
on the Matrix server for distributing the public keys:
Creating and registering device keys
This process only happens once, when a device first starts.
It must create the Ed25519 fingerprint key pair and the Curve25519
identity key pair. This is done by calling olm_create_account in libolm.
The (base64-encoded) keys are retrieved by calling
olm_account_identity_keys. The account should be stored for future use.
It should then publish these keys to the homeserver, which is done by
using the device_keys property of the /keys/upload endpoint.
In order to sign the device_keys payload as described in Signing JSON,
clients should call olm_account_sign.
And does it combine that with leap of faith verification of the key
fingerprint by default?
last line of "Downloading the device list for users in the room"):
Otherwise the client stores the information about this device.
If anybody know more about this, please let me know!
More information about the Members