🚀 We’re ready for The Matrix Conference 2025 kicking off tomorrow in Strasbourg!
🌍 300+ participants from 20+ countries and 10+ governments - all championing Matrix-based sovereign, secure and interoperable communications. We’re proud to be the anchor sponsor again!
Highlights and details👇️
Having daily-driven the new UI for quite some time now, I had forgotten how much worse the old room list was. Such a nice revamp
One trick which works on iOS: holding power+volume up or down for 1s will show the shutdown/SOS screen and disable FaceID/TouchID until you manually enter your passcode
This is certainly one of the most intriguing mystery I’ve ever witnessed at $dayjob
"An open standard is the key to digitally sovereign communications between multiple separate organisations.”
Matthew Hodgson presents with UNICC's Tima Soni at UN Open Source Week about the importance of open standard federation for real time communications.
element.io/blog/the-imp...
Did Apple effectively broke the Sign-in with Apple OpenID Connect discovery document? appleid.apple.com/.well-known/... now advertises endpoints on account.apple.com; including the issuer. Looking at my Sentry errors, the switch happened ~2h ago?
I just published a new blog post about two of my absolute favourite CSS tricks. ✨
www.joshwcomeau.com/animation/pa...
If this is important to you, could you please comment on this issue with how you’d expect it to work with your use case? It helps us prioritise stuff :)
github.com/element-hq/m...
This is probably my biggest achievement working at Element :D
I worked for more than 4 years on next gen auth for Matrix and MAS 🙂↕️
Welcome to the Wild West of consumer messaging apps within governments. It’s not a one off. It’s not just the Trump administration. Governments have to put a serious alternative in place, combining the usability and E2EE of messaging apps with enterprise-grade oversight and control.
I moved off tera for minijinja almost exactly a year ago, and every update confirms that it was the right thing to do. This project is really incredible!
@bnewbold.net @divy.zone @mikestaub.social I've been reading your OAuth related proposal & it got me excited as you're trying to solve the exact same decentralised client metadata/registration problem I've been trying to solve for Matrix. I have a lot to say on it, I think we need to chat about this
One really nice property of this is that the signed software statement can be statically embedded when you distribute your client. There is no secret key that may be extracted, and you can rely on redirect URIs being safe to avoid being impersonated
And the self-signed software statement would include a cnf field as described in RFC 7800
Basically combining the software statement defined in RFC 7591, and use RFC 7800 for verifying the signature, as it is not defined in 7591
Then the server dedupes registration based on (cnf, software_id)
I’ve been working on the same exact problems for Matrix, where we are currently moving toward OAuth/OIDC. Current plan to solve this is to rely on dynamic client reg, but with a self-signed software_statement, which is basically the client metadata in a JWT