Skip to content

Add a checklist to the security considerations template? #2405

Description

@Johennes

Our MSC template contains the following section for security considerations:

Security considerations

All proposals must now have this section, even if it is to say there are no security issues.

Think about how to attack your proposal. See RFC 3552
for things to think about, but in particular pay attention to lists from sources like
OWASP Top Ten for inspiration.

Some proposals may have some security aspect to them that was addressed in the proposed solution. This
section is a great place to outline some of the security-sensitive components of your proposal, such as
why a particular approach was (or wasn't) taken. The example here is a bit of a stretch and unlikely to
actually be worthwhile of including in a proposal, but it is generally a good idea to list these kinds
of concerns where possible.

This already links to RFC 3552 and OWASP Top Ten as inspiration for things to consider. These are generic and not specific to Matrix, however. It might also be too easy for authors to just skip them entirely given that they're just links. Maybe we could improve this situation by extracting a checklist of things to consider into the template while continue to link to these sources for further inspiration?

From recent security discussions on proposals I was involved in and without putting too much thought in it, the following things come to mind:

  • Denial of service (ReDoS, ...)
  • Impact of leaking metadata from clients to homeservers
  • Impact of malicious homeservers on other servers and / or clients
  • Impact of malicious clients on other clients and / or homeservers

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions