Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MSC2140: Terms of Service for ISes and IMs #2140
MSC2140: Terms of Service for ISes and IMs #2140
Changes from 15 commits
23af87e
32c7fc6
cf48030
276e2b6
d4ca0c2
9ca3ccc
a63e442
4ba9b2a
2555801
8ae4755
abb4071
2c09580
6f374dc
0dae2d5
9e0d8b9
5709427
af691b5
1d75828
ba7047c
4edf826
6273868
58cf083
2694bb1
21b9eaf
b5326de
10a6a59
f95197b
4be283c
83bb386
45d6309
786d5bc
fe14d3c
8af35be
2d11217
5374030
f02e4c2
d00dfb7
03e6ab0
7f65364
ac6b9bd
79dbad2
10858bf
4c72c37
e28f7aa
d15c9df
1a66934
30dcc28
bf8a1e5
701d340
9bb6ad8
f474b31
6e061b1
25a47af
a1de6ff
d9269b0
e4bdc28
12377fb
6d00673
4073d94
6931541
8bd9d7c
4ea8f64
File filter
Filter by extension
Conversations
Jump to
There are no files selected for viewing
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we also want to drop lookups done without using the hashing aware endpoints?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yeah, in reality we'll probably end up having non-hashed on v1 and hashed on v2, then deprecating non-hashed and v1 at the same time. I didn't wamt to tie this too much to the hashing msc so not sure whether to add that here or not.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
v2 supports non-hashed so there's no reason to keep v1 around.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would it make sense to uniquely identify by tuple of
(<type>, <version>, <url>)
? That would give de-duplication while still allowing justhttps://matrix.org/legal.html
, as well as not having to do any crazyn²
lookups?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Possibly - otoh I sort of like forcing the version to be in the URL for general URL transparency.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, I'm just a little nervous that if we end up having three or more different services, each with multiple policies, with some churn of versions of the years, plus an increasing number of languages, then we'll end up with quite a lot of different stuff to check.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Travis points out that we discussed this kind of thing in #2140 (comment) as eventually the conclusion was that de-duping by URL is probably the lesser evil.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could we have a dictionary
policy_id -> policy_url
instead of an array of URLs?That will help to know which types of document the user has already signed. Matrix clients could then detect an update of one policy.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It might also be useful to know the version of the document the user saw too, so could have:
...maybe?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For this MSC, the policy ID feels like it is not meant to be trusted and could change at any time, so I am wary of making any assumptions about it. Maybe the MSC should explicitly state something like: "The terms response contains these policy IDs largely to match similar behaviour from the homeserver, but don't assume anything about them, they may change at any time, etc. The URL is the thing that matters."
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the homeserver version being MSC1692 where the policy ID actually means something. The homeserver version supports optional and non-optional changes to policies whereas this MSC does not (for valid reasons on both fronts, I believe).