Matrix v1.17 specification released

Hey all,

At this year’s Matrix Conference we said we were aiming for this very spec release to be 2.0 proper. It looks like the MSCs still need a little bit more time to get over the line though, but they’re extremely close — one of the next few releases is expected to be Matrix 2.0.

Today we’re releasing Matrix 1.17 while the 2.0 MSCs continue to make forward progress. This release is smaller than some, with four MSCs merged, but as normal also includes a number of clarifications.

Improvements to the spec website include a dropdown to get at old spec versions more easily, and an index of HTTP endpoints at the top of each page.

This release of the spec also sees the incorporation of the specifications for the Olm and Megolm cryptographic ratchets. Olm and Megolm themselves haven’t changed, but we did want them to be on the spec site :)

Thanks especially to Johannes and Kévin for continuing to improve the quality of the spec with features, clarifications, and MSC text!

🔗The full changelog

🔗Client-Server API

Removed Endpoints

• Remove legacy mentions, as per MSC4210. (#2186)

Backwards Compatible Changes

• Allow application services to masquerade as specific devices belonging to users, as per MSC4326. (#2221)
• Add the m.oauth authentication type for User-Interactive Authentication, as per MSC4312. (#2234)
• Allow application services to manage devices and register users without the legacy authentication API, as per MSC4190. (#2267)

Spec Clarifications

• Push rule IDs are globally unique within their kind. (#2214)
• Don't advertise creator field in description of room creation. (#2215)
• room_id is required for peeking via /_matrix/client/v3/events. (#2216)
• The server-name segment of MXC URIs is sanitised differently from the media-id segment. (#2217)
• Add note to each endpoint that uses capability negotiation. (#2223)
• Additional OpenGraph properties can be present in URL previews. (#2225)
• Clarify the special casing of membership events and redactions in power levels. (#2231)
• M_RESOURCE_LIMIT_EXCEEDED is now listed as a common error code. (#2232)
• Add m.login.terms to enumeration of authentication types. (#2233)
• Clarify how to use state_after ahead of declaring full support for its spec version. (#2240)
• device_one_time_keys_count is only optional if no unclaimed one-time keys exist. (#2245)
• Clarify that servers may choose not to use M_USER_DEACTIVATED at login time, for example for privacy reasons when they can't authenticate deactivated users. (#2246)
• Usage of the event_id_only format for push notifications is not mandatory. (#2255)
• Fix various typos throughout the specification. (#2224, #2227, #2250)

🔗Server-Server API

No significant changes.

🔗Application Service API

Backwards Compatible Changes

• Allow application services to masquerade as specific devices belonging to users, as per MSC4326. (#2221)
• Allow application services to manage devices and register users without the legacy authentication API, as per MSC4190. (#2267)

Spec Clarifications

• Fix JSON formatting in the "Server admin style permissions" examples. (#2213)

🔗Identity Service API

No significant changes.

🔗Push Gateway API

No significant changes.

🔗Room Versions

Spec Clarifications

• In room versions 8 through 12, clarify that "sufficient permission to invite users" on restricted joins also includes being a joined member of the room. (#2220)
• In room versions 3 through 12, clarify that when you have the power to redact, it is possible to redact events that you don't have the power to send. (#2249)

🔗Appendices

No significant changes.

🔗Internal Changes/Tooling

Spec Clarifications

• Swapped icon for X (fka. twitter) to updated logo in footer. (#2219)
• Inline Olm & Megolm specifications. (#2226, #2241, #2242)
• Silence failing redocly-cli rule. (#2238)
• Use NPM Trusted Publishers for publishing @matrix-org/spec to npm. (#2239)
• Add version picker in the navbar. (#2256, #2258, #2259, #2260, #2261, #2264, #2268)
• Add a list of endpoints to the top of each spec page. (#2262)