wholetrans/docs-matrix-spec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Don't remove id_server and id_access_token

Browse source
This commit is contained in:
Andrew Morgan 2019-09-26 17:51:51 +01:00
parent ec7e795112
commit 46e7137252
1 changed files with 8 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

17
proposals/2290-separate-threepid-bind-hs.md
View file

@ -164,8 +164,10 @@ other, which is the exact behaviour we're trying to eliminate. Doing this
also helps backward compatibility, as explained in [Backwards also helps backward compatibility, as explained in [Backwards
compatibility](#backwards-compatibility). compatibility](#backwards-compatibility).
The `id_server` and `id_access_token` parameters are to be removed Either the homeserver itself or a service that the homeserver delegates to
from all of the Client-Server API's `requestToken` endpoints. That is: should be handling the sending of validation messages, not a user-provided
server. Any mention of the homeserver being able to proxy to an identity
server in the below endpoint descriptions:
* [POST /account/3pid/email/requestToken](https://matrix.org/docs/spec/client_server/r0.5.0#post-matrix-client-r0-account-3pid-email-requesttoken) * [POST /account/3pid/email/requestToken](https://matrix.org/docs/spec/client_server/r0.5.0#post-matrix-client-r0-account-3pid-email-requesttoken)
* [POST /account/3pid/msisdn/requestToken](https://matrix.org/docs/spec/client_server/r0.5.0#post-matrix-client-r0-account-3pid-msisdn-requesttoken) * [POST /account/3pid/msisdn/requestToken](https://matrix.org/docs/spec/client_server/r0.5.0#post-matrix-client-r0-account-3pid-msisdn-requesttoken)
@ -174,13 +176,10 @@ from all of the Client-Server API's `requestToken` endpoints. That is:
* [POST /account/password/email/requestToken](https://matrix.org/docs/spec/client_server/r0.5.0#post-matrix-client-r0-account-password-email-requesttoken) * [POST /account/password/email/requestToken](https://matrix.org/docs/spec/client_server/r0.5.0#post-matrix-client-r0-account-password-email-requesttoken)
* [POST /account/password/msisdn/requestToken](https://matrix.org/docs/spec/client_server/r0.5.0#post-matrix-client-r0-account-password-msisdn-requesttoken) * [POST /account/password/msisdn/requestToken](https://matrix.org/docs/spec/client_server/r0.5.0#post-matrix-client-r0-account-password-msisdn-requesttoken)
Either the homeserver itself or a service that the homeserver delegates to As well as the text "It is imperative that the homeserver keep a list of
should be handling the sending of validation messages, not a user-provided trusted Identity Servers and only proxies to those that it trusts." is to be
server. Any mention of the homeserver being able to proxy to an identity removed from all parts of the spec, as the homeserver should no longer need
server in the above endpoint descriptions, as well as the text "It is to trust any identity servers.
imperative that the homeserver keep a list of trusted Identity Servers and
only proxies to those that it trusts." is to be removed from all parts of the
spec, as the homeserver should no longer need to trust any identity servers.
## Tradeoffs ## Tradeoffs