Hey all,
For the last several months the team has been working on tightening up privacy in Matrix, and with the 1.4 release of Synapse and Riot quite a lot has been done in the area. One of the remaining pieces was to release all the specification changes to help other client/server implementations achieve the same goals, and now we've done that.
The Client-Server r0.6.0 and Identity Service r0.3.0 spec releases both cover the privacy improvements added through a number of MSCs in the last few months. Of particular note is that identity servers are now expected to support terms of service endpoints, which requires authentication that clients might need to worry about - check the spec changelogs for details.
The full changelog for the Client-Server r0.6.0 release is:
-
Breaking Changes
-
New Endpoints
- Add
POST /account/3pid/unbind
for removing a 3PID from an identity server. (#2282)
- Add
-
Backwards Compatible Changes
- Add
M_USER_DEACTIVATED
error code. (#2234) - Remove
bind_msisdn
andbind_email
from/register
now that the identity server's bind endpoint requires authentication. (#2279) - Add
m.identity_server
account data for tracking the user's preferred identity server. (#2281) - Deprecate
id_server
and make it optional in several places. (#2310)
- Add
-
Spec Clarifications
- Add missing format fields to
m.room.message$m.notice
schema. (#2125) - Remove "required" designation from the
url
field of certainm.room.message
msgtypes. (#2129) - Fix various typos throughout the specification. (#2131, #2136, #2148, #2215)
- Clarify the distinction between
m.key.verification.start
and itsm.sas.v1
variant. (#2132) - Fix link to Olm signing specification. (#2133)
- Clarify the conditions for the
.m.rule.room_one_to_one
push rule. (#2152) - Clarify the encryption algorithms supported by the device of the device keys example. (#2157)
- Clarify that
/rooms/:roomId/event/:eventId
returns a Matrix error. (#2204) - Add a missing
state_key
check on.m.rule.tombstone
. (#2223) - Fix the
m.room_key_request
action
value, setting it fromcancel_request
torequest_cancellation
. (#2247) - Clarify that the
submit_url
field is without authentication. (#2341) - Clarify the expected phone number format. (#2342)
- Clarify that clients should consider not requesting URL previews in encrypted rooms. (#2343)
- Add missing information on how filters are meant to work with
/context
. (#2344) - Clarify what the keys are for rooms in
/sync
. (#2345)
- Add missing format fields to
The full changelog for the Identity Service r0.3.0 release is:
-
New Endpoints
-
Backwards Compatible Changes
- Deprecate the v1 API in favour of an authenticated v2 API. (#2254)
The Foundation needs you
The Matrix.org Foundation is a non-profit and only relies on donations to operate. Its core mission is to maintain the Matrix Specification, but it does much more than that.
It maintains the matrix.org homeserver and hosts several bridges for free. It fights for our collective rights to digital privacy and dignity.
Support us