If publishing the cross-signing keys fails, we give up trying but we should keep trying #27253
Comments
|
This is related to #26322, in that both are about updating the private key in 4S without updating the public key. |
MidhunSureshR
added
T-Defect
S-Major
|
@kegsay from what I've heard you took over progressing on the mentioned MSC recently. I see it's already been implemented in Synapse. What's the status? Can we get it done as a fix for this case? |
|
@pmaier1 No, the fix I'm applying does not seem to apply here. My change improves robustness when on poor networks, which does not appear to be the case here. This particular issue appears to be server misconfiguration. |
Just misconfiguration? So not an actual bug that needs fixing? |
|
This issue is still a valid bug because:
Server misconfiguration can cause UIA errors, which is the root cause for the rageshakes we have received. |
I have the same issue with 1.11.6x versions, downgrading to 1.11.5x resolved the issue |
andybalaam
changed the title
When first logging in on a new account, we try to publish cross-signing keys (via
/device_keys/upload).This process can fail for example, if the homeserver is configured to use SSO auth. (Publishing the public keys requires user-interactive auth, which may fail. matrix-org/matrix-spec-proposals#3967 is an attempt to help with that,
but is as yet unstandardised. Edit 2024-06-11: It is now standardised, and element-hq/synapse#17284 lands support for it in Synapse.)If the process fails (either because the HS rejects it or the user gets bored of trying to do UIA), we show an error:
After that point, the application is fully-functional, and will even allow you to set up 4S and store the private cross-signing keys in 4S. The problem is that there is no further attempt to publish the public keys, so the account is now totally broken until the user resets cross-signing.
The text was updated successfully, but these errors were encountered: