From 738fa6833e033bbf5e6a58c7003d1dc1904dc404 Mon Sep 17 00:00:00 2001 From: Travis Ralston Date: Thu, 5 Sep 2019 20:24:17 -0600 Subject: [PATCH 1/3] Proposal to make the identity server optional during discovery --- ...0000-optional-identity-server-discovery.md | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 proposals/0000-optional-identity-server-discovery.md diff --git a/proposals/0000-optional-identity-server-discovery.md b/proposals/0000-optional-identity-server-discovery.md new file mode 100644 index 00000000..013a3e77 --- /dev/null +++ b/proposals/0000-optional-identity-server-discovery.md @@ -0,0 +1,22 @@ +# Proposal to make the identity server optional during discovery + +Currently the specification requires that clients `FAIL_ERROR` (hard failure - do not continue) +when the `.well-known` file for `m.identity_server` points to somewhere invalid or is invalid +itself. + +This proposal aims to change that by allowing clients to make a conscious decision to continue +with the invalid identity server configuration, provided the homeserver configuration is valid. + +## Proposal + +Instead of `FAIL_ERROR` for an invalid `m.identity_server` schema/server, clients are to move +to the `FAIL_PROMPT` (inform the user, ask for input if applicable) state. Clients can decide +to show a warning that the identity server is unavailable and allow the user to continue with +the invalid (or client's default) configuration. + +## Tradeoffs + +Clients can end up being configured with an invalid or inoperable identity server. This is +considered a feature by this proposal to allow for less intelligent clients to have their +identity server disabled. Intelligent clients could interpret the lack of identity server +as the homeserver/user asking that identity server functionality be disabled in the client. From 6baeb6c21875f2440f220561af2d069e85749bd9 Mon Sep 17 00:00:00 2001 From: Travis Ralston Date: Thu, 5 Sep 2019 20:25:31 -0600 Subject: [PATCH 2/3] Assign number --- ...-discovery.md => 2284-optional-identity-server-discovery.md} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename proposals/{0000-optional-identity-server-discovery.md => 2284-optional-identity-server-discovery.md} (94%) diff --git a/proposals/0000-optional-identity-server-discovery.md b/proposals/2284-optional-identity-server-discovery.md similarity index 94% rename from proposals/0000-optional-identity-server-discovery.md rename to proposals/2284-optional-identity-server-discovery.md index 013a3e77..2da7018f 100644 --- a/proposals/0000-optional-identity-server-discovery.md +++ b/proposals/2284-optional-identity-server-discovery.md @@ -1,4 +1,4 @@ -# Proposal to make the identity server optional during discovery +# MSC2284: Making the identity server optional during discovery Currently the specification requires that clients `FAIL_ERROR` (hard failure - do not continue) when the `.well-known` file for `m.identity_server` points to somewhere invalid or is invalid From dcbdb94693edcff28efbb813302c90248258cbcc Mon Sep 17 00:00:00 2001 From: Travis Ralston Date: Fri, 8 Nov 2019 09:03:49 -0700 Subject: [PATCH 3/3] Add explanation --- proposals/2284-optional-identity-server-discovery.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/proposals/2284-optional-identity-server-discovery.md b/proposals/2284-optional-identity-server-discovery.md index 2da7018f..940f3381 100644 --- a/proposals/2284-optional-identity-server-discovery.md +++ b/proposals/2284-optional-identity-server-discovery.md @@ -2,7 +2,9 @@ Currently the specification requires that clients `FAIL_ERROR` (hard failure - do not continue) when the `.well-known` file for `m.identity_server` points to somewhere invalid or is invalid -itself. +itself. This can cause problems for clients if they either don't need an identity server to +function (and are forced to validate it anyways) or the client ends up having to disable all +their login UX because the identity server is misconfigured/down. This proposal aims to change that by allowing clients to make a conscious decision to continue with the invalid identity server configuration, provided the homeserver configuration is valid.