This endpoint should only be available to devices
which have authenticated. Also simplifies the the logic
signficantly.
Details
Details
cd services/identity cargo build
- Could change the identity_one_time_keys test to hit this endpoint as well
Diff Detail
Diff Detail
- Repository
- rCOMM Comm
- Lint
Lint Not Applicable - Unit
Tests Not Applicable
Event Timeline
shared/protos/identity_authenticated.proto | ||
---|---|---|
33–35 ↗ | (On Diff #30683) | Are one-time keys and pre-keys equivalent terms? |
Comment Actions
Also, are you going to remove upload_one_time_keys() from unauthenticated client service?
Comment Actions
Also, are you going to remove upload_one_time_keys() from unauthenticated client service?
Existing logic would need to be updated for keyserver, and the integration tests would need to be changed as well.
In the future, it should be removed, I just won't be around for when it's possible.
shared/protos/identity_authenticated.proto | ||
---|---|---|
33–35 ↗ | (On Diff #30683) | No. Three keys are needed for X3DH sessions:
The shorter lifetimes of each subsequent key is meant to prevent malicious actors from being able to re-create sessions in the future if certain keys are compromised. |