mirror of
https://github.com/chatmail/core.git
synced 2026-05-18 22:36:29 +03:00
BREAKING: Remove Secure-Join-Fingerprint header from "vc-contact-confirm", "vg-member-added" messages (#3836)
It's a compatibility crutch for old clients (< 1.107.0), they require it in the subject
messages. Currently DC sends Autocrypt key gossips instead, they're better because knowing a key
allows not to only trust the peer, but also encrypt to it. Before it was a problem for other devices
on a joining side going online after a successful Securejoin setup -- they didn't have a joiner's
key to encrypt to it. So, we decided not to complicate the Securejoin with sending keys instead, but
rely on the Autocrypt.
Also there's a PR to the Countermitm doc documenting when gossips in 'vc-request-with-auth' are
needed:
Bob's own key fingerprint ``Bob_FP``,
the second challenge ``AUTH`` from step 1 and
optionally an Autocrypt-Gossip header for Alice's
Autocrypt key in order for a second device of Bob
to learn Alice's verified key.
This commit is contained in:
iequidoo
@@ -6,6 +6,7 @@
|
||||
- BREAKING: jsonrpc:
|
||||
- `get_chatlist_items_by_entries` now takes only chatids instead of `ChatListEntries`
|
||||
- `get_chatlist_entries` now returns `Vec<u32>` of chatids instead of `ChatListEntries`
|
||||
- BREAKING: Remove Secure-Join-Fingerprint header from "vc-contact-confirm", "vg-member-added" messages.
|
||||
|
||||
|
||||
## [1.114.0] - 2023-04-24
|
||||
|
||||
Reference in New Issue
Block a user