Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rename "invisible crypto" config setting to something else we agree on #2536

Closed
2 tasks done
andybalaam opened this issue Sep 23, 2024 · 7 comments
Closed
2 tasks done
Assignees

Comments

@andybalaam
Copy link

andybalaam commented Sep 23, 2024

Tasks

  1. A-E2EE
    BillCarsonFr
  2. A-E2EE
    BillCarsonFr
@pmaier1
Copy link
Contributor

pmaier1 commented Sep 23, 2024

Proposal

Ignore unverified devices when sending/receiving messages

@richvdh
Copy link
Member

richvdh commented Sep 23, 2024

The js-sdk exposes a separate mode called "transition mode". Apparently this means:

  • Encryption will throw an error if a verified user has an unsigned device, or if a verified user replaces their identity.
  • Events are decrypted only if they come from cross-signed devices, or devices that existed before the Rust crypto SDK started tracking device trust: other events will result in a decryption failure.

(See matrix-org/matrix-js-sdk#4407)

Now that I look at that list, I can't see why it would ever be useful. @BillCarsonFr: any ideas?

@richvdh
Copy link
Member

richvdh commented Sep 23, 2024

We're doing some brainstorming to figure out what we actually want here

@richvdh
Copy link
Member

richvdh commented Sep 23, 2024

Now that I look at that list, I can't see why it would ever be useful. @BillCarsonFr: any ideas?

After discussion: we believe that we do not need a separate "transition mode" at the application level, but we do need some flexibility at the js-sdk level. We'll need some changes to the current js-sdk impl though: matrix-org/matrix-js-sdk#4428.

@richvdh
Copy link
Member

richvdh commented Sep 26, 2024

Following a suggestion by @mxandreas, I think we're instead converging on:

Exclude insecure devices when sending/receiving messages

@BillCarsonFr
Copy link
Member

Following a suggestion by @mxandreas, I think we're instead converging on:

Exclude insecure devices when sending/receiving messages

Right, will update EIX/EAX side when doing https://github.com/element-hq/crypto-internal/issues/353 and https://github.com/element-hq/crypto-internal/issues/354

@BillCarsonFr
Copy link
Member

Following a suggestion by @mxandreas, I think we're instead converging on:

Exclude insecure devices when sending/receiving messages

Right, will update EIX/EAX side when doing element-hq/crypto-internal#353 and element-hq/crypto-internal#354

In review in element-hq/element-x-ios#3358 and element-hq/element-x-android#3569

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

4 participants