Open DMRobertson opened 1 year ago
Hm would a duration change the issue though? You would still need a valid clock time to figure out when that ttl/duration ends. Or am I misunderstanding where/how this duration is meant to be calculated?
A duration also can't be signed by other servers (if your server happens to be down, your server can try to get the keys from elsewhere)
Link to problem area: https://spec.matrix.org/v1.6/server-server-api/#get_matrixkeyv2server
Issue The
valid_until_ms
field is an absolute timestamp. If your homeserver's clock is out of sync with the other homeserver's clock, your homeserver may consider the verify_keys to have already expired, if thevalid_until_ms
timestamp is in the past according to your clock.This is relatively minor and unlikely to cause pain in practice, because I expect:
Expected behaviour New version of the endpoint that returns a duration (effectively a TTL) field instead of the
valid_until_ms
field.