Messages shown as unencrypted with red shield in encrypted room search UI #11831
Comments
|
Just so you know, you can upload images directly to GitHub issues so you don't have to worry about other services deleting them.
|
Fixes element-hq/element-web#13262 This is part of the cross-signing shipping master plan. Known issues relating to this feature are: * element-hq/element-web#12896 * https://github.com/vector-im/riot-web/issues/12385 * element-hq/element-web#11831 * element-hq/element-web#11155 In theory, these are issues we're comfortable with shipping as we're already enabling it by default. This just makes it easier on everyone by removing the flag (making it still enabled by default).
Fixes element-hq/element-web#13262 This is part of the cross-signing shipping master plan. Known issues relating to this feature are: * element-hq/element-web#12896 * https://github.com/vector-im/riot-web/issues/12385 * element-hq/element-web#11831 * element-hq/element-web#11155 In theory, these are issues we're comfortable with shipping as we're already enabling it by default. This just makes it easier on everyone by removing the flag (making it still enabled by default).
|
Just wanted to confirm I see this in v1.6 as well. |
|
Me too, running the latest flatpak on Manjaro. |
|
Not sure what the plan here is for @jryans ideas? |
Hmm, my suggestion as a quick fix would be to hide the icons in search results for now. The trust status is based on dynamic info, so we can't save it in Seshat and it would also be expensive to check every message as you say, so I think for now we should bias towards removing the warning overload (which isn't even correct in this case) by hiding the icons. I presume in many cases, people may click on a search result to view the message in context in the room, and then the correct status should be visible there. |
Sure but if Seshat stored the deviceId of the [verified] sending session then we could check if we have trust for that session for rendering |
Ah okay, fair enough then. Let's summon @poljar to estimate the complexity of doing that. |
|
Seshat allows you to store arbitrary json, it only cares that the fields required to index an event (event id, sender, content...) are there. Any additional json fields are left as is, or if you will, json comes in, json comes out. Not sure how to add that info without re-crawling a room though. |
|
Okay, sounds like we would like to additionally persist some bits of the encrypted event as well then, as in at least the device ID, and then somehow trigger all rooms to be re-indexed (as otherwise we'd only have that for some messages). I'll remove |
|
Note, we'd have to check that the signature is consistent with the device id the payload claims to be sent by and then we can just persist the now "verified" deviceId for checking later |
Description
Searching for messages in encrypted rooms (using the new encrypted room search functionality implemented via seshat), the results are shown as unencrypted with a red shield even though the original message was properly encrypted and verified. This happens because seshat reinjects the decrypted messages but the verified status of the message gets lost along the way.
Steps to reproduce
Version information
The text was updated successfully, but these errors were encountered: