Suppose you have lost your private cross-signing keys, for some reason. (Perhaps you lost the Security Phrase/Key which would allow you to decrypt the copies in 4S, and you don't have any other devices that have a copy of the private keys to gossip them. Or maybe you believe your keys to be compromised so need to rotate them).
There is a reset button that will allow you to do this:
... but the semantics of what happens next are poorly defined.
A few questions (expect this list to grow)
Are existing devices automatically re-signed using the new key? Is that safe if we believe the key was previously compromised? Or should they be re-verified?
Will existing devices receive the new key? Presumably only if they are verified? Are they even informed that there are new keys? Will they continue to trust devices/backups signed by the old key?
Should existing key backups be re-signed if they were previously trusted? Again, what if the key was compromised? Should we start a brand new key backup? Currently we keep using the existing backup, but don't re-sign it, which leads to quite broken behaviour.
Suppose you have lost your private cross-signing keys, for some reason. (Perhaps you lost the Security Phrase/Key which would allow you to decrypt the copies in 4S, and you don't have any other devices that have a copy of the private keys to gossip them. Or maybe you believe your keys to be compromised so need to rotate them).
There is a reset button that will allow you to do this:
... but the semantics of what happens next are poorly defined.
A few questions (expect this list to grow)