Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Documentation Updates #1105

Merged
merged 8 commits into from
Oct 8, 2024
Merged

Documentation Updates #1105

merged 8 commits into from
Oct 8, 2024

Conversation

neekolas
Copy link
Contributor

@neekolas neekolas commented Oct 2, 2024
edited
Loading

@graphite-app Graphite App
Copy link

graphite-app bot commented Oct 2, 2024

Your org has enabled the Graphite merge queue for merging into main

Add the label “queue” to the PR and Graphite will automatically add it to the merge queue when it’s ready to merge.

You must have a Graphite account and log in to Graphite in order to use the merge queue. Sign up using this link.

neekolas and others added 6 commits October 2, 2024 09:16
@neekolas
Update README
b2df872
@richardhuaaa
Fix errors and warnings
e3c1ea9
@richardhuaaa
Regularly rotate leaf node encryption keys (#1108)
7be92cb 
This PR achieves two things:
1. Before sending an application message on a new group, clients will always rotate their encryption keys first. The reason for this is that the first encryption key used on a group is derived from the client's key package - so if the key package is not rotated frequently enough, this safeguard prevents issues related to re-use across multiple groups.
2. All clients will also rotate their encryption keys on a 30 day interval, assuming they are active on a given group. This helps with post-compromise security.

Other notes:

1. I've consolidated all intent creation into a `queue_intent()` method. This makes it easier to add pre-intent and post-intent actions in the future, for example if we want to check for missing installations before publishing *any* intent.
2. With OpenMLS's default configuration, *any* commit will rotate the encryption key. I've used a post-intent action to mark the encryption key as rotated in this scenario, so we don't perform any additional unnecessary rotations.
@neekolas
Merge branch 'main' into nm/documentation-updates
237b4c2
@neekolas
Fix conflicts
13498d0
@neekolas
Remove unused import
8e54f49
@neekolas neekolas marked this pull request as ready for review October 8, 2024 19:34
@neekolas neekolas requested review from a team as code owners October 8, 2024 19:34
@neekolas neekolas enabled auto-merge (squash) October 8, 2024 19:57
@neekolas neekolas merged commit 137062e into main Oct 8, 2024
6 checks passed
@neekolas neekolas deleted the nm/documentation-updates branch October 8, 2024 19:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nplasterer nplasterer nplasterer approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@neekolas @nplasterer @richardhuaaa