Fix auth rules of redactions in v3

specification/rooms/v3.rst

@@ -100,15 +100,17 @@ to the change in event format:
   is no domain in the event ID), but still needs to be signed by the sender's
   domain.
 
-* Previously, redactions were allowed if the sender's domain matched the domain
+* In past room versions, redactions were only permitted to enter the DAG if the
-  in the event ID it was redacting, allowing self redaction. Due to changes in
+  sender's domain matched the domain in the event ID being redacted, or the sender
-  the event format, this check is now impossible to do. Instead, servers should
+  had appropriate permissions per the power levels. Due to servers now not being
-  allow redactions from servers of the same origin to redact other events as a
+  able to determine where an event came from during event authorization, redaction
-  self-redaction mechanism. The rules for allowing other servers to redact events
+  events are always accepted (provided the event is allowed by ``events`` and
-  (as done by moderators) is unchanged. Redaction events only take effect when
+  ``events_default`` in the power levels). However, servers should not apply or send
-  the original event is received, and the domain of the each event matches.
+  redactions to clients until both the redaction event and original event have been
-  Servers should not send redactions down to clients until the redaction has
+  seen, and are valid. Servers should only apply redactions to events where the
-  taken effect.
+  origin sender's domains match, or the sender has the appropriate permissions per
+  the power levels.
+
 
 The remaining rules are the same as room version 1.