matrix-org / matrix-spec

The Matrix protocol specification
Apache License 2.0

"session key", "room key", "megolm key" and "megolm session" are used interchangeably throughout the spec #935

Open anoadragon453 opened 2 years ago

anoadragon453 commented 2 years ago

There are a number of instances in the spec where we use the terms "session key" and "room key" interchangeably to mean the symmetric key used to encrypt a set of events within a megolm session.

We also use "session key" to describe the ID for a UISI session, etc.

We should pick one. And as for UISI etc. sessions: use "session ID" instead.

uhoreg commented 2 years ago

Also "megolm key" or "megolm session".

I don't know where we use each of those terms, other than I know that key backup refers to them as "room keys". But I think that this is (at least partly) due to the fact that we can have different encryption algorithms, although we currently only have olm/megolm. The way I see it, "room key" is a generic term for "something that you use to decrypt/encrypt a message that's sent to a room", whereas "session key"/"megolm key"/"megolm session" is something that's specific to megolm that may not be present in other algorithms. For example, MLS has "epochs" rather than "sessions". So if we're talking about something that's agnostic to the underlying algorithm (e.g. key backups, since it can, in theory, work with other algorithms), then "room key" is appropriate, but if we're talking about a specific algorithm, then we should use the terms that apply to that specific algorithm (e.g. "session" for megolm, "epoch" for MLS).

anoadragon453 commented 2 years ago

@uhoreg that makes sense. An edited version of that very paragraph may be a good thing to include in the spec?

uhoreg commented 2 years ago

Yes, it would. Also, I don't know if the spec uses the terms consistently like that, so we should probably double-check. We should probably also pick one of "session key", "Megolm key", or "Megolm session" and use that consistently. (My vote would be "Megolm session" or "Megolm key".)