wholetrans/docs-matrix-spec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Give example of verification dance

Browse source
This commit is contained in:
Daniel Wagner-Hall 2015-10-02 09:14:31 -05:00
parent 9d8dc7971d
commit b29fdebec2
1 changed files with 22 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

23
specification/modules/third_party_invites.rst
View file

@ -41,7 +41,28 @@ All homeservers MUST verify that sig(``token``, ``public_key``) = ``signature``.
If a client of the current homeserver is joining by an If a client of the current homeserver is joining by an
``m.room.third_party_invite``, that homesever MUST validate that the public ``m.room.third_party_invite``, that homesever MUST validate that the public
key used for signing is still valid, by checking ``key_validity_url``. It does key used for signing is still valid, by checking ``key_validity_url``. It does
this by making an HTTP GET request to ``key_validity_url``, with the querystring this by making an HTTP GET request to ``key_validity_url``:
Schema::
=> GET $key_validity_url?public_key=$public_key
<= HTTP/1.1 200 OK
{
"valid": true|false
}
Example::
key_validity_url = https://identity.server/is_valid
public_key = ALJWLAFQfqffQHFqFfeqFUOEHf4AIHfefh4
=> GET https://identity.server/is_valid?public_key=ALJWLAFQfqffQHFqFfeqFUOEHf4AIHfefh4
<= HTTP/1.1 200 OK
{
"valid": true
}
with the querystring
?public_key=``public_key``. A JSON object will be returned, and the key is ?public_key=``public_key``. A JSON object will be returned, and the key is
considered valid if the object contains a key named ``valid`` whose value is considered valid if the object contains a key named ``valid`` whose value is
``true``. If this cannot be verified, the invitation must be rejected. ``true``. If this cannot be verified, the invitation must be rejected.