wholetrans/docs-matrix-spec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Deprecate the sender_key and device_id on Megolm events (#1101)

Browse source 
* Deprecate the `sender_key` and `device_id` on Megolm events

MSC: https://github.com/matrix-org/matrix-spec-proposals/pull/3700 ([Markdown](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/3700-deprecate-sender-key.md))

The language around `m.room.encrypted` is a bit awkward because *technically* you can use the event to represent non-Megolm events, however that's considered an edge case at this time.

* changelog

* Apply wording changes

* Remove incorrect example

* Add missing sentence
This commit is contained in:
Travis Ralston 2022-06-09 02:24:41 -06:00 committed by GitHub
parent c4db688af8
commit 926c6bad61
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 85 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

30
data/event-schemas/schema/m.room.encrypted.yaml
View file

@ -40,10 +40,35 @@ properties:
Olm event. For more details, see [Messaging Algorithms](/client-server-api/#messaging-algorithms).
sender_key:
type: string
description: The Curve25519 key of the sender.
x-changedInMatrixVersion:
1.3: |-
Previously this field was required, however given it offers no additional
security or privacy benefit it has been deprecated for Megolm messages.
See [`m.megolm.v1.aes-sha2`](#mmegolmv1aes-sha2) for more information.
description: |-
The Curve25519 key of the sender. Required (not deprecated) if not using Megolm.
**Deprecated**: This field provides no additional security or privacy benefit
for Megolm messages and must not be read from if the encrypted event is using
Megolm. It should still be included on outgoing messages, however must not be
used to find the corresponding session. See [`m.megolm.v1.aes-sha2`](#mmegolmv1aes-sha2)
for more information.
device_id:
type: string
description: The ID of the sending device. Required with Megolm.
x-changedInMatrixVersion:
1.3: |-
Previously this field was required for Megolm messages, however given it
offers no additional security or privacy benefit it has been deprecated
for Megolm messages. See [`m.megolm.v1.aes-sha2`](#mmegolmv1aes-sha2) for
more information.
description: |-
The ID of the sending device.
**Deprecated**: This field provides no additional security or privacy benefit
for Megolm messages and must not be read from if the encrypted event is using
Megolm. It should still be included on outgoing messages, however must not be
used to find the corresponding session. See [`m.megolm.v1.aes-sha2`](#mmegolmv1aes-sha2)
for more information.
session_id:
type: string
description: |-
@ -51,7 +76,6 @@ properties:
Megolm.
required:
- algorithm
- sender_key
- ciphertext
type: object
type:

12
data/event-schemas/schema/m.room_key_request.yaml
View file

@ -23,8 +23,19 @@ properties:
description: The room where the key is used.
sender_key:
type: string
x-changedInMatrixVersion:
1.3: |-
Previously this field was required, however given it offers no additional
security or privacy benefit it has been deprecated. See [`m.megolm.v1.aes-sha2`](#mmegolmv1aes-sha2)
for more information.
description: |-
The Curve25519 key of the device which initiated the session originally.
**Deprecated**: This field provides no additional security or privacy benefit
and must not be read from. It should still be included on outgoing messages
(if the event for which keys are being requested for *also* has a `sender_key`),
however must not be used to find the corresponding session. See [`m.megolm.v1.aes-sha2`](#mmegolmv1aes-sha2)
for more information.
session_id:
type: string
description: The ID of the session that the key is for.
@ -32,7 +43,6 @@ properties:
- algorithm
- room_id
- session_id
- sender_key
type: object
title: RequestedKeyInfo
action: