Accepting DM verification in an encrypted DM can cause unknown device warnings you can't access

[turt2live]

This is slightly unhelpful if I have to cancel verification to verify the user...

[foldleft]

I was unable to repro this; is it still a valid ticket?

[turt2live]

depends on whether or not we are keeping the unknown devices concept at all. Currently I can reproduce it, but this was a time before the cross-signing flag.

@jryans is the concept gone forever with cross signing or just part of the transition?

[jryans]

The default state in a cross-signing world allows all messages, but there are further plans to support paranoia options that would block unknown devices in some way:

• Add setting for confirmation when sending messages to a room with verified users who have unverified devices · Issue vector-im/element-meta#313 · vector-im/riot-web
• Adapt existing setting to only send to verified devices for cross-signing · Issue vector-im/element-web#11808 · vector-im/riot-web

[bwindels]

action for this ticket: don't block sending for unknown devices

[foldleft]

if this is an issue it's extra urgent now I've landed auto-E2E for verifications 💃

[bwindels]

I can't repro this anymore. I've tried adding a new device, skipping the complete-security to not have it cross-signed, and then verify that user from another account. This is with the Never send encrypted messages to unverified devices from this device flag off on the initiating side. Left is what I see from the account itself, and right from the account trying to verify it:

I could successfully verify, without any unknown device warnings, and after verification completed I saw a red device for the account as well, so all seems to be working well.

With the Never send encrypted messages to unverified devices from this device flag on, I get this on the receiving side (on a cross signed device):

#11808 seems to be about fixing that though, so closing this issue.

Looking further, it seems like matrix-org/matrix-react-sdk#3837 was a fix for this.