Open bwindels opened 1 year ago
One note on the above, when we have the private MSK, we'll also have the private SSK and USK as they are all unlocked with the 4S key. So verification ... probably still good to check the signatures are ok, but we can rely on the private as well...
This is just adding support in code without exposing it in the UI, this happens in the next issue #955
For signing other users and other devices apart from the current one:
Ah but we have an index on the curve25519 sender key for device keys which we don't have for cross-signing keys 🤔
For signing other users and other devices apart from the current one:
From uhoreg:
The usage field gets included when calculating the signature, so an attacker can't get you to sign something and try to use the signature for something else, since the key indicates what the signatures can be used for. It is an array because we thought it might be useful to allow some key types in the future to have multiple usages, but you shouldn't have multiple usages with cross-signing.
So, in the end, we will:
Depends on #953
Once we can trust our MSK with #953, we can now also trust the USK (User Signing Key) and SSK (Self Signing Key). The private keys for these are again stored in 4S, but verification should rather rely on the signatures from the MSK. We should only require to have the private keys when we actually want to sign something.