This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

sometimes the key notary endpoint doesn't give back the keys you asked for #5305

Closed
richvdh opened this issue May 31, 2019 · 2 comments

richvdh commented May 31, 2019

Example: https://matrix.org/_matrix/key/v2/query/sw1v.org/ed25519:a_BPNW: it returns sw1v.org/ed25519:auto, and not the key I want.

richvdh commented May 31, 2019

Turns out that the spec says that the server should ignore the keyId param for the GET endpoint (https://matrix.org/docs/spec/server_server/r0.1.1.html#get-matrix-key-v2-query-servername-keyid). However: (a) that's braindead, and (b) the same problem happens for the POST endpoint.

richvdh commented May 31, 2019

So, this happens when the notary server gets a request for a given key id, but the origin server doesn't return it. That would kinda be ok as a sort of indicator of the absence of the key, or a negative-cache record, but the real problem is that, if an origin server stops returning a (previously-valid) key, then we can also make the notary server forget about that key (and hence break any historical events signed with that key).

richvdh added a commit that referenced this issue May 31, 2019
Fix a bug where we would discard a key result which the origin server is no
longer returning. Fixes #5305.
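
The failure mode described in the last comment, as an added example that is not part of the original thread and is not Synapse's code: a simplified notary cache where one refresh strategy forgets keys the origin has stopped returning and the other keeps them. `NotaryStore`, its method names, the server name and the key values are all hypothetical.

```python
from dataclasses import dataclass, field


@dataclass
class NotaryStore:
    """Hypothetical notary cache: (server_name, key_id) -> base64 verify key."""
    keys: dict = field(default_factory=dict)

    def refresh_replacing(self, server_name, origin_keys):
        """Assumed buggy model: the latest origin response replaces everything
        stored for that server, so keys it stopped returning are forgotten."""
        self.keys = {k: v for k, v in self.keys.items() if k[0] != server_name}
        self.refresh_merging(server_name, origin_keys)

    def refresh_merging(self, server_name, origin_keys):
        """Upsert only: a key missing from the response is left in place, so
        historical events signed with it can still be verified."""
        for key_id, verify_key in origin_keys.items():
            self.keys[(server_name, key_id)] = verify_key

    def query(self, server_name, key_id):
        """Return the requested key or None, never a different key id."""
        return self.keys.get((server_name, key_id))


def old_key_after_rotation(refresh_method):
    """Store a key, let the origin stop returning it, then ask for it again."""
    store = NotaryStore()
    refresh = getattr(store, refresh_method)
    # Constructed sample data: server name, key ids and key values are made up.
    refresh("origin.example", {"ed25519:old": "b2xkLWtleQ"})
    refresh("origin.example", {"ed25519:new": "bmV3LWtleQ"})
    return store.query("origin.example", "ed25519:old")


if __name__ == "__main__":
    print("replacing:", old_key_after_rotation("refresh_replacing"))
    print("merging:  ", old_key_after_rotation("refresh_merging"))
```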