matrix-org / matrix-spec

The Matrix protocol specification
Apache License 2.0

device key validation needed #219

Open penguin42 opened 7 years ago

penguin42 commented 7 years ago

The e2e spec says: 'The Matrix protocol provides a basic mechanism for exchange of public keys, though an out-of-band channel is required to exchange fingerprints between users to build a web of trust.'

Unfortunately, though, we don't have any mechanism for monitoring or building a web of trust at the moment; so the whole device key system provides nothing - it could all be subverted by a bad HS that decided to generate its own device keys instead of passing on the keys from a real device.

Some thoughts:

a) A mechanism for HS to be able to provide device-keys to anyone who asked so that a device owner could poke other HSs to see if his device-keys are being correctly propagated.

b) Clients could upload device-IDs/public device keys to a decentralised list so people could monitor for bad keys.

c) A message type to sign a device key with another device key (i.e. 'you trust I own this device, I've just got another')

d) A message type to sign a device key with an external mechanism (e.g. sign a key with a gpg key).

e) A mechanism to allow users to cross sign each other's device keys when they physically meet (neat idea: NFC handshake somehow?)

Dave
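The propagation check from idea (a), sketched as an added example that is not part of the original issue or of any Matrix project code. It assumes each vantage point returns the owner's devices in the shape of a client-server `/keys/query` response; the function name, server names, user ID and key values are hypothetical and constructed.

```python
# Added example: compare the keys a user's own devices hold with what each
# vantage point (another homeserver, a friend's client) reports for that user.

def audit_propagation(user_id, own_devices, views):
    """Return sorted (vantage, device_id, problem) findings.

    own_devices: {device_id: {"ed25519:DEV": key, "curve25519:DEV": key}},
                 read directly from the devices themselves.
    views:       {vantage_name: /keys/query-shaped response dict}.
    """
    findings = []
    for vantage, resp in sorted(views.items()):
        served = resp.get("device_keys", {}).get(user_id, {})
        for device_id, local_keys in sorted(own_devices.items()):
            entry = served.get(device_id)
            if entry is None:
                findings.append((vantage, device_id, "not propagated"))
                continue
            for key_id, expected in sorted(local_keys.items()):
                if entry.get("keys", {}).get(key_id) != expected:
                    findings.append((vantage, device_id, f"{key_id} substituted"))
        # A device the owner never created is as suspicious as a swapped key.
        for device_id in sorted(set(served) - set(own_devices)):
            findings.append((vantage, device_id, "device not created by owner"))
    return findings

# Constructed sample data (placeholder key strings, not real keys).
USER = "@dave:example.org"
OWN = {"PHONE": {"ed25519:PHONE": "AAAAlocalEd",
                 "curve25519:PHONE": "AAAAlocalCurve"}}

def _resp(devices):
    return {"device_keys": {USER: {
        d: {"user_id": USER, "device_id": d, "keys": k}
        for d, k in devices.items()}}}

VIEWS = {
    "hs-a.example": _resp(OWN),                      # honest view
    "hs-b.example": _resp({"PHONE": {                # signing key swapped
        "ed25519:PHONE": "BBBBforged",
        "curve25519:PHONE": "AAAAlocalCurve"}}),
    "hs-c.example": _resp({**OWN,                    # extra injected device
                           "GHOST": {"ed25519:GHOST": "CCCC"}}),
}

if __name__ == "__main__":
    for finding in audit_propagation(USER, OWN, VIEWS):
        print(*finding, sep=": ")
```

A clean result only shows what each vantage point was served; a homeserver that answers different askers differently would still need the out-of-band fingerprint comparison the spec text mentions.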

uhoreg commented 5 years ago

related: https://github.com/matrix-org/matrix-doc/issues/1267, https://github.com/matrix-org/matrix-doc/issues/1543, ~https://github.com/matrix-org/matrix-doc/issues/1680~ matrix-org/matrix-spec-proposals#1756