Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Auth for content repo (and enforcing GDPR erasure) #3796

Open
matrixbot opened this issue Aug 20, 2016 · 8 comments
Open

Auth for content repo (and enforcing GDPR erasure) #3796

matrixbot opened this issue Aug 20, 2016 · 8 comments
Labels
kind:core MSC which is critical to the protocol's success needs-implementation This MSC does not have a qualifying implementation for the SCT to review. The MSC cannot enter FCP. proposal A matrix spec change proposal

Comments

@matrixbot
Copy link
Member

matrixbot commented Aug 20, 2016

Formerly MSC701.
Documentation: https://docs.google.com/document/d/1ERHpmthZyspnZtE3tQzxKTkcxar6JANeyNXgz2_djhA/edit#
Author: @ara4n
Date: 2018-06-04

The media repository is currently unauthed; anybody can access posted images, avatars, etc, if they know the URI.

Submitted by @​matthew:matrix.org

(Imported from https://matrix.org/jira/browse/SPEC-445)

@matrixbot
Copy link
Member Author

Jira watchers: @ara4n @richvdh

@matrixbot
Copy link
Member Author

Actually, E2E provides quite an elegant solution for this, in that you can't decrypt the content if you don't have the keys. (Then again, from a corp security perspective they prolly don't even want you downloading the encrypted data)

-- @ara4n

@matrixbot matrixbot added the p5 label Oct 28, 2016
@matrixbot matrixbot changed the title Auth for media repo Auth for media repo (SPEC-445) Oct 31, 2016
@matrixbot matrixbot added the feature Suggestion for a significant extension which needs considerable consideration label Nov 7, 2016
@richvdh richvdh changed the title Auth for media repo (SPEC-445) Auth for content repo (SPEC-445) Oct 16, 2017
@richvdh
Copy link
Member

richvdh commented Oct 16, 2017

Synapse-side issue at https://github.com/matrix-org/synapse/issues/2150

@turt2live
Copy link
Member

I don't think this has been answered somewhere, so asking here in hopes people have ideas: How would federated media work?

In theory the server could start signing requests to download media, although that doesn't really guarantee that the person making the request is allowed to do so (ie: is in the room). With the upcoming introduction of users being linked to key-like objects, we could possibly use those to sign the requests, however there's nothing to stop a server lying about which user is requesting the media.

Then there's the question of the user potentially wanting specific media being publicly accessible. The primary use case being the IRC bridge which pastebins long messages.

@ara4n
Copy link
Member

ara4n commented Jun 4, 2018

let's discuss this over at matrix-org/synapse#2150 matrix-org/matrix-spec#870, as that bug's bigger

@ara4n ara4n changed the title Auth for content repo (SPEC-445) Auth for content repo Jun 7, 2018
@ara4n ara4n added proposal A matrix spec change proposal and removed feature Suggestion for a significant extension which needs considerable consideration p5 labels Jun 7, 2018
@ara4n ara4n changed the title Auth for content repo Auth for content repo (needed to enforce GDPR erasure) Jun 7, 2018
@ara4n ara4n changed the title Auth for content repo (needed to enforce GDPR erasure) Auth for content repo (and enforcing GDPR erasure) Jun 7, 2018
@turt2live turt2live added the kind:core MSC which is critical to the protocol's success label Apr 21, 2020
@turt2live turt2live added the needs-implementation This MSC does not have a qualifying implementation for the SCT to review. The MSC cannot enter FCP. label Jun 8, 2021
@richvdh
Copy link
Member

richvdh commented Dec 24, 2021

see also #2461 which is an alternative proposal.

@richvdh
Copy link
Member

richvdh commented Jan 3, 2024

See also #3916 and #3911 which are yet more alternative proposals.

@turt2live
Copy link
Member

Note that this MSC is more to do with what we now call "linking" instead, as a sort of MSC3911 alternative. MSC3916 does have some overlap, but not nearly as much as MSC3911 does.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
kind:core MSC which is critical to the protocol's success needs-implementation This MSC does not have a qualifying implementation for the SCT to review. The MSC cannot enter FCP. proposal A matrix spec change proposal
Projects
None yet
Development

No branches or pull requests

5 participants