diff --git a/docs/warning-on-unverified-devices.md b/docs/warning-on-unverified-devices.md index e3a6c567d31..f7431379c56 100644 --- a/docs/warning-on-unverified-devices.md +++ b/docs/warning-on-unverified-devices.md @@ -1,31 +1,29 @@ Random notes from Matthew on the two possible approaches for warning users about unexpected unverified devices popping up in their rooms.... -Original idea... -================ +# Original idea... Warn when an existing user adds an unknown device to a room. Warn when a user joins the room with unverified or unknown devices. Warn when you initial sync if the room has any unverified devices in it. - ^ this is good enough if we're doing local storage. - OR, better: +^ this is good enough if we're doing local storage. +OR, better: Warn when you initial sync if the room has any new undefined devices since you were last there. - => This means persisting the rooms that devices are in, across initial syncs. +=> This means persisting the rooms that devices are in, across initial syncs. - -Updated idea... -=============== +# Updated idea... Warn when the user tries to send a message: - - If the room has unverified devices which the user has not yet been told about in the context of this room - ...or in the context of this user? currently all verification is per-user, not per-room. + +- If the room has unverified devices which the user has not yet been told about in the context of this room + ...or in the context of this user? currently all verification is per-user, not per-room. ...this should be good enough. - - so track whether we have warned the user or not about unverified devices - blocked, unverified, verified, unverified_warned. +- so track whether we have warned the user or not about unverified devices - blocked, unverified, verified, unverified_warned. throw an error when trying to encrypt if there are pure unverified devices there app will have to search for the devices which are pure unverified to warn about them - have to do this from MembersList anyway? - - or megolm could warn which devices are causing the problems. + - or megolm could warn which devices are causing the problems. -Why do we wait to establish outbound sessions? It just makes a horrible pause when we first try to send a message... but could otherwise unnecessarily consume resources? \ No newline at end of file +Why do we wait to establish outbound sessions? It just makes a horrible pause when we first try to send a message... but could otherwise unnecessarily consume resources?