Comment out the part where identity services can revoke their keys
They can't because otherwise 3rd party invites can be rejected by homeservers, as per https://github.com/matrix-org/matrix-doc/issues/1633
This commit is contained in:
Travis Ralston
parent
3de50cbc7f
commit
5e6a2c30a2
1 changed files with 5 additions and 3 deletions
|
|
@ -80,9 +80,11 @@ in a scheme ``algorithm:identifier``, e.g. ``ed25519:0``. When signing an
|
||||||
association, the Matrix standard JSON signing format is used, as specified in
|
association, the Matrix standard JSON signing format is used, as specified in
|
||||||
the server-server API specification under the heading "Signing Events".
|
the server-server API specification under the heading "Signing Events".
|
||||||
|
|
||||||
In the event of key compromise, the identity service may revoke any of its keys.
|
.. TODO: Actually allow identity services to revoke all keys
|
||||||
An HTTP API is offered to get public keys, and check whether a particular key is
|
See: https://github.com/matrix-org/matrix-doc/issues/1633
|
||||||
valid.
|
.. In the event of key compromise, the identity service may revoke any of its keys.
|
||||||
|
An HTTP API is offered to get public keys, and check whether a particular key is
|
||||||
|
valid.
|
||||||
|
|
||||||
The identity server may also keep track of some short-term public-private
|
The identity server may also keep track of some short-term public-private
|
||||||
keypairs, which may have different usage and lifetime characteristics than the
|
keypairs, which may have different usage and lifetime characteristics than the
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue