Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mandate that the new device commits to a particular identity key #4130

Closed
wants to merge 19 commits into from
Closed

Mandate that the new device commits to a particular identity key #4130

wants to merge 19 commits into from

Conversation

hughns
Copy link
Member

@hughns hughns commented Apr 16, 2024
edited
Loading

Originally from #4129, these are suggested changes to #4108:

  • Mandate that the new device commits to a particular identity key (by setting the device ID to the public part) and proves ownership of it (via a combination of ECDH and HMAC-SHA256)

Co-authored-by: Damir Jelić poljar@termina.org.uk

hughns added a commit that referenced this pull request Apr 16, 2024
@hughns
Revert changes to device id and proofs
9ee8543 
These are now in #4130
@hughns hughns mentioned this pull request Apr 16, 2024
Merged
@hughns hughns force-pushed the dkasak/oidc-qr-identity-key branch from 3a5d375 to 4613133 Compare April 16, 2024 14:46
@turt2live
Copy link
Member

@hughns is there something which needs to be done to merge this?

@hughns hughns marked this pull request as draft April 22, 2024 08:45
@hughns
Copy link
Member Author

hughns commented Apr 22, 2024

Apologies, I meant to have this as draft as it is destined to be merged into MSC4108

@turt2live
Copy link
Member

I'm not sure I understand the purpose of using a PR for this.

@hughns hughns self-assigned this Apr 23, 2024
@hughns
Copy link
Member Author

hughns commented Apr 25, 2024

Having discussed this today with @dkasak and @poljar, the conclusion is that these changes should not be part of MSC4108.

Whilst "device ID = identity key" feels like a sensible direction to propose for the reasons stated, the implications of such a change are beyond the scope of the present (Sign in with QR) MSC.

We haven't been able to identify a benefit to the QR mechanism by having a proof of possession prior to sharing the secrets.

There may be an overall benefit in having the homeserver/OP enforce proof of possession during auth/API calls. This may mean that the check that the existing device does to ensure the new device is online before sharing secrets would be after the homeserver/OP has also approved the device.

@hughns hughns closed this Apr 25, 2024
@turt2live turt2live deleted the dkasak/oidc-qr-identity-key branch April 30, 2024 14:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@hughns hughns

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@hughns @turt2live @dkasak