Open TheJJ opened 4 years ago
I'm seeing this too. The shield of the respective peer stays black (expected: green).
In my case, the issue seems to be that the homeserver only sends the master key for the user in /client/r0/keys/query
, not the self-signing key. This is because the master key is cached on the homeserver, but not the self-signing key. I've submitted a possible fix in matrix-org/synapse#8455.
The problem still persists: Homeserver A does not have the cross-signing keys of the user @b:B
in cache, but does have the devices. The cross-signing keys are not fetched, since the devices are cached.
I took another shot at it in matrix-org/synapse#10668.
User A on homeserver a.org has 3 devices, all of them verified through cross-signing.
User B on homeserver b.org has 3 devices, also all verified.
Both do successfull cross-signing verification.
But they see each others devices as unverified afterwards. When examining a non-green device, it says
@A:a.org signed in to a new session without verifying it
. But that's not true, the sign-in was verified.Version information