Ability for sender to respond to keyshare requests from new verified recipient devices #18666
Labels
A-E2EE
A-Session-Mgmt
Session / device names, management UI, etc.
O-Uncommon
Most users are unlikely to come across this or unexpected workflow
S-Critical
Prevents work, causes data loss and/or has no workaround
T-Defect
Z-UISI
Unable to decrypt errors
Comments
MadLittleMods
added
Z-UISI
novocaine
added
O-Uncommon
|
Downloading to O-Low as I believe netsplits are rare |
|
Duplicate of element-hq/element-meta#1888 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently, if a recipient sees a UISI they send a keyshare request to all their other devices, and the specific device which sent the message in the first place. (We don't send the request to the sender's other devices, as they don't necessarily know independently of the server whether the recipient was in the room at the point that the message was sent).
However, the specific device which receives the request currently will not service the request unless the requesting device is the one they sent the key to in the first place. So, if there's a netsplit, and a new device is added on the far side of the netsplit, that new device will request but never receive keys from the sending device. If the newly added device has been verified, then the sender should be happy to share keys with it.
The text was updated successfully, but these errors were encountered: