matrix-org / matrix-rust-sdk

Matrix Client-Server SDK for Rust
Apache License 2.0
1.28k stars 256 forks source link

Option to exclude insecure devices for Olm traffic, to be consistent with megolm sharing? #4147

Open BillCarsonFr opened 1 month ago

BillCarsonFr commented 1 month ago

Following the work on invisible crypto it is now possible to exclude devices not signed by their owner from participating in encrypted room:

We also have an API to encrypt a message directly to a device (using olm): https://github.com/matrix-org/matrix-rust-sdk/blob/bdfe64179bd0b5ef5598774ac510d1539efc2184/crates/matrix-sdk-crypto/src/identities/device.rs#L407-L412

This can lead to a strange situation when the exclude insecure devices option is enabled and:

Maybe we would want to use some EncryptionSetting/DecryptionSetting for olm traffic? Notice that we also don't look at the device trust status BlackListed/Ignored when encrypting in olm

fkwp commented 1 month ago

@toger5