This repository was archived by the owner on Aug 15, 2025. It is now read-only.
File tree Expand file tree Collapse file tree 1 file changed +10
-6
lines changed
docs/Protocol Specifications Expand file tree Collapse file tree 1 file changed +10
-6
lines changed Original file line number Diff line number Diff line change @@ -902,12 +902,16 @@ from foreign actors.
902902
903903 Congratulations! You can now use your invite + token to join the community guild.
904904
905- Server must verify the identity claims presented by foreign actors before giving out an authentication
906- token. This verification must be done by proving the cryptographic connection between an actors'
907- home server's public identity key and the actor's ID-Cert through ID-Cert signature verification and
908- must include ensuring that the presented ID-Cert has not been revoked.
909- See [ section 6.4.1] ( #641-verifying-that-a-newly-retrieved-id-cert-is-not-out-of-date ) for information
910- on how this is done.
905+ Servers must verify the identity claims presented by foreign actors before giving out an authentication
906+ token. This verification must be done by proving the following facts:
907+
908+ - There is a cryptographic connection between an actors' home server's public identity key and the
909+ actor's ID-Cert. Must be proven by verifying the signature on the ID-Cert with the help of the
910+ corresponding home servers' public key.
911+ - The presented ID-Cert has not been revoked. See [ section 6.4.1] ( #641-verifying-that-a-newly-retrieved-id-cert-is-not-out-of-date )
912+ for information on how this is done.
913+ - The client is in possession of the private key that corresponds to the presented ID-Certs' subject
914+ public key. Must be proven using a [ challenge string] ( #42-challenge-strings-and-key-trials ) .
911915
912916#### 4.1.2 Sensitive actions
913917
You can’t perform that action at this time.
0 commit comments