Bruno Windels
Bruno Windels
fwiw, when it happened, it didn't seem to cause an issue on my side of the call as it won't block the queue anymore after #1017
One note on the above, when we have the private MSK, we'll also have the private SSK and USK as they are all unlocked with the 4S key. So verification...
This is just adding support in code without exposing it in the UI, this happens in the next issue #955
## Steps for own device signing - fetch SSK + signature - verify SSK signatures from MSK - get device key for our own device (already supported), the ed25519 one?...
For signing other users and other devices apart from the current one: - rework way device keys are stored - so we can: - also store cross-signing keys in same...
Ah but we have an index on the curve25519 sender key for device keys which we don't have for cross-signing keys 🤔
For signing other users and other devices apart from the current one: - add crossSigningKeys store, key by userId|key, we also need to look up by userId|usage (which can contain...
From uhoreg: > The usage field gets included when calculating the signature, so an attacker can't get you to sign something and try to use the signature for something else,...
So, steps: - allow to get all matching user ids from the device tracker, without already calling /keys/query - check in advance whether we need to create an outbound session...
This is less severe since #239 was fixed