Stop hardcoding trust of old matrix.org key (#5374) - matrix/thirdparty/synapse.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Richard van der Hoff <1389908+richvdh@users.noreply.github.com>	2019-06-06 17:33:11 +0100
committer	GitHub <noreply@github.com>	2019-06-06 17:33:11 +0100
commit	9fbb20a531161652143028cde333429fe03b0343 (patch)
tree	62a37a5c57f3863a6cdb1119a783db085cf83dab /synapse/api
parent	Neilj/1.0 upgrade notes (#5371) (diff)
download	synapse-9fbb20a531161652143028cde333429fe03b0343.tar.xz

Stop hardcoding trust of old matrix.org key (#5374)

There are a few changes going on here:

* We make checking the signature on a key server response optional: if no
  verify_keys are specified, we trust to TLS to validate the connection.

* We change the default config so that it does not require responses to be
  signed by the old key.

* We replace the old 'perspectives' config with 'trusted_key_servers', which
  is also formatted slightly differently.

* We emit a warning to the logs every time we trust a key server response
  signed by the old key.

Diffstat (limited to 'synapse/api')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: