[Members] Looking at the Matrix e2e specs...
dave at cridland.net
Fri Jan 10 15:32:23 UTC 2020
Those are the "prekeys" (similar to client init keys in MLS), which need to
be published to somewhere other people can find them. For Matrix, that's a
service on the homeserver, for us it'd be PEP or some other service on the
user's bare jid.
In either case, it's not a centralized service.
On Fri, 10 Jan 2020 at 15:17, Winfried Tilanus <winfried at tilanus.com> wrote:
> Am I missing something while reading the Matrix e2e spec or does it rely
> on the Matrix server for distributing the public keys:
> Creating and registering device keys
> This process only happens once, when a device first starts.
> It must create the Ed25519 fingerprint key pair and the Curve25519
> identity key pair. This is done by calling olm_create_account in libolm.
> The (base64-encoded) keys are retrieved by calling
> olm_account_identity_keys. The account should be stored for future use.
> It should then publish these keys to the homeserver, which is done by
> using the device_keys property of the /keys/upload endpoint.
> In order to sign the device_keys payload as described in Signing JSON,
> clients should call olm_account_sign.
> And does it combine that with leap of faith verification of the key
> fingerprint by default?
> last line of "Downloading the device list for users in the room"):
> Otherwise the client stores the information about this device.
> If anybody knows more about this, please let me know!
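
Added example, not part of the original thread and not Matrix or libolm code: a simplified model of a self-signed device_keys payload checked by a client that stores a device's key on first sight, showing why the self-signature alone does not protect against the distributing server. It uses Node's built-in Ed25519 support; the function names, the pin store and the user and device IDs are assumptions constructed for illustration.

```javascript
const crypto = require('node:crypto');

// Deterministic encoding for signing: object keys sorted, no whitespace.
function canonical(v) {
  if (Array.isArray(v)) return '[' + v.map(canonical).join(',') + ']';
  if (v && typeof v === 'object')
    return '{' + Object.keys(v).sort()
      .map(k => JSON.stringify(k) + ':' + canonical(v[k])).join(',') + '}';
  return JSON.stringify(v);
}

// Raw 32-byte Ed25519 public key <-> base64, via the fixed 12-byte SPKI header.
const SPKI_PREFIX = Buffer.from('302a300506032b6570032100', 'hex');
const exportPub = k => k.export({ type: 'spki', format: 'der' }).subarray(12).toString('base64');
const importPub = b64 => crypto.createPublicKey({ format: 'der', type: 'spki',
  key: Buffer.concat([SPKI_PREFIX, Buffer.from(b64, 'base64')]) });

// Device side: build the payload and sign it with the device's own key.
function makeDeviceKeys(userId, deviceId, pair) {
  const id = 'ed25519:' + deviceId;
  const body = { user_id: userId, device_id: deviceId, keys: { [id]: exportPub(pair.publicKey) } };
  const sig = crypto.sign(null, Buffer.from(canonical(body)), pair.privateKey).toString('base64');
  return { ...body, signatures: { [userId]: { [id]: sig } } };
}

// Client side: verify the self-signature, then pin the key the first time it is seen.
function checkDevice(pins, dk) {
  const id = 'ed25519:' + dk.device_id;
  const { signatures, ...unsigned } = dk;
  const sig = signatures?.[dk.user_id]?.[id];
  const pub = dk.keys?.[id];
  if (!sig || !pub) return 'rejected';
  const ok = crypto.verify(null, Buffer.from(canonical(unsigned)), importPub(pub),
    Buffer.from(sig, 'base64'));
  if (!ok) return 'rejected';
  const slot = dk.user_id + '|' + dk.device_id;
  if (!pins.has(slot)) { pins.set(slot, pub); return 'stored-on-first-use'; }
  return pins.get(slot) === pub ? 'matches-pin' : 'key-changed';
}

function demo() {
  const pins = new Map();
  const dk = makeDeviceKeys('@alice:example.org', 'DEVICEA', crypto.generateKeyPairSync('ed25519'));
  // A different, validly self-signed key published under the same device ID (constructed).
  const swapped = makeDeviceKeys('@alice:example.org', 'DEVICEA', crypto.generateKeyPairSync('ed25519'));
  return [checkDevice(pins, dk), checkDevice(pins, dk),
    checkDevice(pins, { ...dk, algorithms: ['none'] }), // payload altered after signing
    checkDevice(pins, swapped),                         // caught only because a pin exists
    checkDevice(new Map(), swapped)];                   // accepted by a client with no pin yet
}
```

The last two results are the point of the question above: a substituted key carries a valid self-signature, so it is detected only by a client that already pinned the earlier key or compared fingerprints out of band.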