Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

e2ee/device verification: clarifications #1830

Open
wants to merge 16 commits into
base: main
Choose a base branch
from

Conversation

sumnerevans
Copy link
Contributor

@sumnerevans sumnerevans commented May 28, 2024

  • e2ee/device verification: move general error handling under framework

    Most of the "Error and exception handling" section is generally applicable to other verification methods besides SAS, so I moved those bullet points under "Key verification framework".

  • e2ee/device verification/error handling: fix typo start -> request

    It used to be possible to create a start request without a request, but this was deprecated.

  • m.key.verification.start: remove wording that it is typically to-device

    It can be either a to-device event or an in-room-event.

  • e2ee/device verification: normalize all links

    Changes the format of all links in the Device Verification section to be:

    [`m.key.verification.whatever`](#mkeyverificationwhatever)
    

    This involved adding links in a bunch of places, but also changing many links that did not have code within them to have the backticks.

  • e2ee/device verification start: clarify required nature of transaction_id or m.relates_to

    Add notes about the fact that the start event may be the first event sent during a verification process and that clients should handle other clients doing so, but not themselves send the start event first.

Signed-off-by: Sumner Evans sumner.evans@automattic.com

Pull Request Checklist

Preview: https://pr1830--matrix-spec-previews.netlify.app

@richvdh richvdh marked this pull request as ready for review May 29, 2024 14:43
@richvdh richvdh requested a review from a team as a code owner May 29, 2024 14:43
Most of the "Error and exception handling" section is generally
applicable to other verification methods besides SAS, so I moved those
bullet points under "Key verification framework".

Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
It used to be possible to create a start request without a request, but
this was deprecated.

Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
It can be either a to-device event or an in-room event.

Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
@sumnerevans sumnerevans force-pushed the device-verification-clarifications branch from fa53f58 to b8808ca Compare May 30, 2024 04:05
@sumnerevans sumnerevans requested a review from uhoreg May 30, 2024 04:05
Copy link
Member

@richvdh richvdh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this, and thanks for structuring it in a way that makes it easy to review!

- When a device receives an unknown `transaction_id`, it should send an
appropriate `m.key.verification.cancel` message to the other device
indicating as such. This does not apply for inbound
`m.key.verification.request` or `m.key.verification.cancel` messages.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I just checked, and the spec still allows verifications to start with m.key.verification.start:

When verifying using to-device messages, an m.key.verification.start message can also be sent independently of any request, specifying the verification method to use. This behaviour is deprecated, and new clients should not begin verifications in this way. However, clients should handle such verifications started by other clients.

in https://spec.matrix.org/unstable/client-server-api/#key-verification-framework (second-last paragraph before https://spec.matrix.org/unstable/client-server-api/#mroommessagemkeyverificationrequest).

So this sentence should allow unknown transaction_id for m.key.verification.request, m.key.verification.start, and m.key.verification.cancel.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should probably fix this documentation, then

image

Since the m.relates_to is not required if sending the start as the first message, right?

And the transaction_id is just arbitrary if not related to a request.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can only initiate the verification with a .start if it's done using to-device messages. (Confusing, I know.) So the "Required when sent as an in-room message" for m.relates_to is still correct.

sumnerevans and others added 7 commits June 7, 2024 10:28
…amework

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
…amework

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
…amework

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
…amework

Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
…amework

Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
…amework

Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
…amework

Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
@sumnerevans sumnerevans force-pushed the device-verification-clarifications branch from 3aad3c5 to 55375f4 Compare June 7, 2024 16:41
…amework

Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
This commit changes the format of all links in the Device Verification
section to be:

    [`m.key.verification.whatever`](#mkeyverificationwhatever)

This involved adding links in a bunch of places, but also changing many
links that did not have code within them to have the backticks.

Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
@sumnerevans sumnerevans force-pushed the device-verification-clarifications branch from 17f9944 to b87ffa6 Compare June 7, 2024 17:11
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
…n_id or m.relates_to

Add notes about the fact that the start event *may* be the first event
sent during a verification process and that clients should handle other
clients doing so, but not themselves send the start event first.

Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
@richvdh
Copy link
Member

richvdh commented Jun 11, 2024

Suddenly there's an awful lot changing in this PR, and it's quite hard to review...

Copy link
Member

@richvdh richvdh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks. A few nits.

this example, Bob's device sends the `m.key.verification.start`, Alice's device
could also send that message. As well, the order of the
`m.key.verification.done` messages could be reversed.
send [`m.key.verification.request`](#mkeyverificationrequest) events to all of
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For what it's worth, it's not obvious to me that making every single reference to an event into a hyperlink improves readability - as long as the first reference is a hyperlink, I think that would be fine. (Also, it means that all the text in the section is being reformatted, which makes it very hard to see what's actually changing in the text.)

But given it's done now, I'll not insist on it being changed back.

@@ -4,8 +4,9 @@ allOf:

description: |-
Requests a key verification using to-device messaging. When requesting a key
verification in a room, a `m.room.message` should be used, with
[`m.key.verification.request`](#mroommessagemkeyverificationrequest) as msgtype.
verification in a room, a [`m.room.message`](#mroommessage should be used,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
verification in a room, a [`m.room.message`](#mroommessage should be used,
verification in a room, a [`m.room.message`](#mroommessage) should be used,

of his other devices may support the request. Instead, Bob's device should tell
Bob that no supported method was found, and allow him to manually reject the
request.
Upon receipt of Alice's [`m.key.verification.request`](#mkeyverificationrequest)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think linking to #mkeyverificationrequest incorrectly gives the impression that this only applies to to-device messages:

Suggested change
Upon receipt of Alice's [`m.key.verification.request`](#mkeyverificationrequest)
Upon receipt of Alice's `m.key.verification.request`

Comment on lines +629 to +631
[`m.key.verification.request`](#mkeyverificationrequest),
[`m.key.verification.start`](#mkeyverificationstart), or
[`m.key.verification.cancel`](#mkeyverificationcancel) messages.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Again, this applies as much to in-room m.key.verification.request events as to-device events.

Suggested change
[`m.key.verification.request`](#mkeyverificationrequest),
[`m.key.verification.start`](#mkeyverificationstart), or
[`m.key.verification.cancel`](#mkeyverificationcancel) messages.
`m.key.verification.request`, `m.key.verification.start` or
`m.key.verification.cancel` messages.

@@ -643,8 +655,8 @@ success. A failed attack would result in a mismatched Short
Authentication String, alerting users to the attack.

To advertise support for this method, clients use the name `m.sas.v1` in the
`methods` fields of the `m.key.verification.request` and
`m.key.verification.ready` events.
`methods` fields of the [`m.key.verification.request`](#mkeyverificationrequest)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same again

The event ID of the `m.key.verification.request` that this message is
related to.
The event ID of the
[`m.key.verification.request`](#mkeyverificationrequest) that this
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
[`m.key.verification.request`](#mkeyverificationrequest) that this
[`m.key.verification.request`](#mroommessagemkeyverificationrequest) that this

Comment on lines +30 to +32
Note that sending a start event without a request is deprecated, and
clients should not send a start event without first sending a request
event, but clients should handle other clients doing so.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Note that sending a start event without a request is deprecated, and
clients should not send a start event without first sending a request
event, but clients should handle other clients doing so.
Note that sending a `start` event without a `request` is deprecated, and
clients should not send a `start` event without first sending a `request`
event, but clients should handle other clients doing so.

Comment on lines +54 to +56
Note that sending a start event without a request is deprecated, and
clients should not send a start event without first sending a request
event, but clients should handle other clients doing so.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Note that sending a start event without a request is deprecated, and
clients should not send a start event without first sending a request
event, but clients should handle other clients doing so.
Note that sending a `start` event without a `request` is deprecated, and
clients should not send a `start` event without first sending a `request`
event, but clients should handle other clients doing so.

Comment on lines +45 to +52
Required when sent as an in-room message unless the start event is
sent without a corresponding
[`m.key.verification.request`](#mkeyverificationrequest).

Indicates the
[`m.key.verification.request`](#mkeyverificationrequest) that this
message is related to. Note that for encrypted messages, this
property should be in the unencrypted portion of the event.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

again, these are linking to the wrong m.key.verification.request

Comment on lines +57 to +73
properties:
rel_type:
type: string
enum:
- m.reference
description: |-
The relationship type. Currently, this can only be an
[`m.reference`](/client-server-api/#reference-relations)
relationship type.
event_id:
type: string
description: |-
The event ID of the
[`m.key.verification.request`](#mkeyverificationrequest) that
this message is related to.
type: object
title: VerificationRelatesTo
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it should be possible to inherit these, but override the description. Probably something like:

      m.relates_to:
        allOf:
         - $ref: m.key.verification.m.relates_to.yaml
         - description: |-
           ... blah

@richvdh
Copy link
Member

richvdh commented Oct 29, 2024

@sumnerevans are you still interested in working on this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants