Quentin Gliech
@sandhose.fr
Software engineer working on auth at Element for @matrix.org
One trick which works on iOS: holding power+volume up or down for 1s will show the shutdown/SOS screen and disable FaceID/TouchID until you manually enter your passcode
September 21, 2025 at 8:21 AM
One trick which works on iOS: holding power+volume up or down for 1s will show the shutdown/SOS screen and disable FaceID/TouchID until you manually enter your passcode
If this is important to you, could you please comment on this issue with how you’d expect it to work with your use case? It helps us prioritise stuff :)
github.com/element-hq/m...
github.com/element-hq/m...
Moderated registration · Issue #3956 · element-hq/matrix-authentication-service
Is your feature request related to a problem? Please describe. Currently running an open matrix server with "just" email and CAPTCHA still attracts a lot of spammers, as they can send messages into...
github.com
May 14, 2025 at 7:44 AM
If this is important to you, could you please comment on this issue with how you’d expect it to work with your use case? It helps us prioritise stuff :)
github.com/element-hq/m...
github.com/element-hq/m...
I moved off tera for minijinja almost exactly a year ago, and every update confirms that it was the right thing to do. This project is really incredible!
templates: replace tera with minijinja · matrix-org/matrix-authentication-service@995bdfc
github.com
November 10, 2024 at 4:14 PM
I moved off tera for minijinja almost exactly a year ago, and every update confirms that it was the right thing to do. This project is really incredible!
One really nice property of this is that the signed software statement can be statically embedded when you distribute your client. There is no secret key that may be extracted, and you can rely on redirect URIs being safe to avoid being impersonated
February 6, 2024 at 10:43 PM
One really nice property of this is that the signed software statement can be statically embedded when you distribute your client. There is no secret key that may be extracted, and you can rely on redirect URIs being safe to avoid being impersonated
And the self-signed software statement would include a cnf field as described in RFC 7800
Basically combining the software statement defined in RFC 7591, and use RFC 7800 for verifying the signature, as it is not defined in 7591
Then the server dedupes registration based on (cnf, software_id)
Basically combining the software statement defined in RFC 7591, and use RFC 7800 for verifying the signature, as it is not defined in 7591
Then the server dedupes registration based on (cnf, software_id)
February 6, 2024 at 10:35 PM
And the self-signed software statement would include a cnf field as described in RFC 7800
Basically combining the software statement defined in RFC 7591, and use RFC 7800 for verifying the signature, as it is not defined in 7591
Then the server dedupes registration based on (cnf, software_id)
Basically combining the software statement defined in RFC 7591, and use RFC 7800 for verifying the signature, as it is not defined in 7591
Then the server dedupes registration based on (cnf, software_id)
I’ve been working on the same exact problems for Matrix, where we are currently moving toward OAuth/OIDC. Current plan to solve this is to rely on dynamic client reg, but with a self-signed software_statement, which is basically the client metadata in a JWT
February 6, 2024 at 10:30 PM
I’ve been working on the same exact problems for Matrix, where we are currently moving toward OAuth/OIDC. Current plan to solve this is to rely on dynamic client reg, but with a self-signed software_statement, which is basically the client metadata in a JWT