Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

configuration flag to enable encryption by default in new rooms #2431

Closed
turt2live opened this issue Aug 25, 2017 · 6 comments · Fixed by #7639
Closed

configuration flag to enable encryption by default in new rooms #2431

turt2live opened this issue Aug 25, 2017 · 6 comments · Fixed by #7639
Assignees
@anoadragon453

Comments

@turt2live
Copy link
Member

To force everyone on the server to use it.
@aaronraimist aaronraimist mentioned this issue Sep 5, 2018
Closed
@ara4n
Copy link
Member

ara4n commented Sep 6, 2018

this already exists on the dinsic branch; needs to be ported to develop

@ara4n
Copy link
Member

ara4n commented May 14, 2020

c.f. #3426

This is more important given Riot is now e2ee by default, and folks expect the server to have the option to enforce this.

@richvdh richvdh changed the title Global configuration flag to enable encryption configuration flag to enable encryption by default in new rooms May 21, 2020
@anoadragon453 anoadragon453 self-assigned this Jun 4, 2020
@anoadragon453
Copy link
Member

anoadragon453 commented Jun 4, 2020
edited
Loading

Is this only for private rooms? The issue says any new room, whereas the linked PR only acts on private rooms.

I'm going to write a PR atm assuming we want private-only.

@anoadragon453 anoadragon453 mentioned this issue Jun 4, 2020
Merged
@anoadragon453
Copy link
Member

People have expressed that they would like to have the option between:

  • Enforcing encryption in private rooms only
  • Enforcing encryption in public and private rooms
  • No enforcement

As a config option design, this could be two options - one for public and one for private, however I feel that's not very future-proof. Instead, I'm thinking of:

# possible options: "all", "private", "off"
#encryption_enabled_by_default_for_room_type: "off"

Sound plausible?

@anoadragon453
Copy link
Member

Sound plausible?

Discussions in #synapse-dev were positive. PR now has the updated format.

anoadragon453 added a commit that referenced this issue Jun 10, 2020
@anoadragon453
Add option to enable encryption by default for new rooms (#7639)
fcd6961 
Fixes #2431

Adds config option `encryption_enabled_by_default_for_room_type`, which determines whether encryption should be enabled with the default encryption algorithm in private or public rooms upon creation. Whether the room is private or public is decided based upon the room creation preset that is used.

Part of this PR is also pulling out all of the individual instances of `m.megolm.v1.aes-sha2` into a constant variable to eliminate typos ala #7637

Based on #7637
@Bun-Bun
Copy link

Bun-Bun commented Jun 15, 2020

People have expressed that they would like to have the option between:

* Enforcing encryption in private rooms only

* Enforcing encryption in public and private rooms

* No enforcement

You missed the biggest recent requested option since riot forced e2ee on.

  • Fully disable e2ee

This was referenced Jun 15, 2020
Open
Open
@Bun-Bun Bun-Bun mentioned this issue Jun 15, 2020
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@anoadragon453 anoadragon453

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add option to enable encryption by default for new rooms matrix-org/synapse
4 participants
@turt2live @ara4n @anoadragon453 @Bun-Bun