Invisible Crypto | configure key sharing strategy based on labs feature flag #28038
Comments
BillCarsonFr
added
T-Feature
dosubot
bot
added
A-Config
O-Uncommon
|
I just saw that you made this issue. I've already done some of this as part of https://github.com/element-hq/crypto-internal/issues/362 matrix-org/matrix-js-sdk#4407 is the js-sdk part, which defines a crypto mode. Then in the React SDK, I have added a new setting: "feature_invisible_crypto": {
isFeature: true,
labsGroup: LabGroup.Encryption,
controller: new InvisibleCryptoController(),
displayName: _td("labs|invisible_crypto"),
supportedLevels: LEVELS_DEVICE_ONLY_SETTINGS_WITH_CONFIG_PRIORITISED,
supportedLevelsAreOrdered: true,
default: false,
},(where |
|
Suspect we need at least a couple of different settings here, since some deployments want to be quite aggressive with the rollout (they are happy to assume that all devices are signed), whilst others want to experiment with the new features whilst still remaining compatible with the ecosystem. |
For the record: this seems incorrect, at least at the EW level. We think that the things that were proposed for "transition mode" can be introduced without the need for a separate switch.
|
richvdh
changed the title
Part of Invisible Crypto.
For element-web, we want a setting in config.json to enable the new key distribution mode.
This setting should be OFF, by default.
This setting controls how end-to-end encryption (E2E) keys are shared.
Enabling it will prevent the inclusion of devices that have not been explicitly verified by their owners.
See IdentityBasedStrategy
Can be configured via the
EncryptionSettingsstructure, see here https://github.com/matrix-org/matrix-js-sdk/blob/60cedf2fdbe22951389e55c7e766785137a19d8c/src/rust-crypto/RoomEncryptor.ts#L237The text was updated successfully, but these errors were encountered: