MSC3784: Using room type of m.policy for policy rooms
#3784
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| @@ -0,0 +1,68 @@ | ||||||||||
| # MSC3784 Using room type of m.policy for policy rooms | ||||||||||
|
Contributor
Author
There was a problem hiding this comment. Making this thread to track Implementation status outside of the PR descript. Implementation Tracking Mjolnir as of da08432 and that commit is included in Release 1.6.0. Mjolnir implementation at time of writing only includes that it creates rooms for policy lists with the type.
Member
There was a problem hiding this comment. Does Nheko use it besides just declaring the constant?
Contributor
Author
There was a problem hiding this comment. Policy Editing that utilises MSC3784 to aid in detecting if a room is a policy list is implemented in RMU. Version that implemented first is unknown but current Version as of writing relies on this as one of its 2 detection methods. It also supports legacy detection. There was a problem hiding this comment. https://mru.rory.gay/PolicyLists is the particular page in RMU that uses this MSC to find policy rooms. I'm not sure whether it has legacy detection enabled or not, but legacy detection here was implemented by checking for the Mjolnir shortcode state event. It does not show rooms that happen to have policy events, as querying /sync or /state for rooms is very expensive, especially compared to cherry picking 2 events. (Oops, I still have to get rid of the "Create policy list" popup being there by default, which also uses the MSC's unstable type on room creation, additionally I've just uncovered a crash related to fetching room names... That's for the tomorrow pile). |
||||||||||
|
|
||||||||||
| ## Introduction | ||||||||||
|
|
||||||||||
| Matrix already has [Moderation Policy Lists](https://spec.matrix.org/v1.17/client-server-api/#moderation-policy-lists) | ||||||||||
| which describe policy recommendations through state events. In typical usage, | ||||||||||
| these policy recommendations tend to appear in dedicated rooms, though are not | ||||||||||
| required to. | ||||||||||
|
|
||||||||||
| Having the policy recommendations in dedicated rooms helps clients better understand | ||||||||||
| the purpose of a room, and potentially hide it if the client knows it can't do | ||||||||||
| much with that dedicated purpose. For example, a messaging client might want to | ||||||||||
| hide policy list rooms by default to avoid showing "non-conversational" rooms to | ||||||||||
| the user. | ||||||||||
|
|
||||||||||
| This proposal introduces a [room type](https://spec.matrix.org/v1.17/client-server-api/#types) | ||||||||||
| to denote such dedicated rooms. | ||||||||||
|
|
||||||||||
| ## Proposal | ||||||||||
|
|
||||||||||
| Rooms dedicated to containing policy list recommendations SHOULD use a newly | ||||||||||
| defined `m.policy` room type. How clients choose to (not) handle the new type is | ||||||||||
| left as an implementation detail. | ||||||||||
|
|
||||||||||
| Consumers of policy lists SHOULD note that recommendations can still appear | ||||||||||
| outside of `m.policy` rooms. Existing rooms probably won't have the new room | ||||||||||
|
Contributor
There was a problem hiding this comment. SHOULD feels slightly odd to me here because consumers have complete freedom in how they handle (or don't handle) policy recommendations. There is nothing normative here and I think this should rather be a remark.
Suggested change
Contributor
Author
There was a problem hiding this comment. This part may be a bit wierdly worded due to being translated from the old legacy rooms handling that the MSC defined. And yes a strong but optional world like SHOULD is correct to the intent. The intended way this is meant to be handled is that policy manipulation tooling should allow you to override the automatic detection the room type gives you and instead use manual detection. Be that temporary as in not persisted or persisted personal overrides stored via implementation specific means. Secondary detection measures like checking for shortcode is also allowed but as @TheArcaneBrony can testify to its cludgy compared to pure room type detection. |
||||||||||
| type, and some communities might mix conversation and recommendations in the | ||||||||||
| same room (therefore not dedicating the room to recommendations). | ||||||||||
|
clokep marked this conversation as resolved.
Outdated
FSG-Cat marked this conversation as resolved.
Outdated
|
||||||||||
|
|
||||||||||
|
|
||||||||||
| ## Potential issues | ||||||||||
|
|
||||||||||
| Clients which have dedicated UX for policy rooms might not be able to apply that | ||||||||||
| UX to rooms missing the `m.policy` room type. They can try to look for recommendation | ||||||||||
| state events contained in the room, though if their dedicated UX is invasive then | ||||||||||
| it may hide conversation being had in the room. This proposal does not attempt to | ||||||||||
| make rooms without the `m.policy` room type, but still contain policy recommendations, | ||||||||||
| invoke any dedicated UX a client might have - clients can choose how/if they handle | ||||||||||
| this case. | ||||||||||
|
|
||||||||||
|
|
||||||||||
| ## Alternatives | ||||||||||
|
|
||||||||||
| Peeking over federation, like in [MSC2444](https://github.com/matrix-org/matrix-spec-proposals/pull/2444), | ||||||||||
| can help clients identify rooms which contain policy list recommendation state | ||||||||||
| events. However, as identified above, this may be insufficient to properly | ||||||||||
| identify rooms *dedicated* to containing those state events. | ||||||||||
|
|
||||||||||
| ## Security considerations | ||||||||||
|
|
||||||||||
| This change is largely informative and carries no direct security impact. Clients | ||||||||||
| which interpret the `m.policy` room type will need to consider security in their | ||||||||||
| implementations. For example, if hiding the rooms then notifications in those | ||||||||||
| rooms will need some consideration. | ||||||||||
|
Contributor
There was a problem hiding this comment. Missing notifications feels like a potential issue rather than a security consideration to me. Should there be a note in the proposal section that
Member
There was a problem hiding this comment. Hidden/unobtainable notifications are occasionally considered a security concern in an implementation because of the disruption they cause. That's the only reason to mention it here.
Contributor
There was a problem hiding this comment.
The proposal doesn't seem to explicitly say that. It speaks of "rooms dedicated to containing policy list recommendations" which may intend to say just that but this isn't very clear in my opinion.
Contributor
Author
There was a problem hiding this comment. There is no enforcement what so ever so your client should NOT trust that nobody in the long history of doing things like this for the lulz on matrix, decides to make a policy list with room type and short code and all just to have it as their offtopic lounge style room. Like i have a long history of seeing people intentionally toy with edge cases like this on matrix and so does several SCT members. Enforcement would require a room version and that is unneeded complexity. Policy lists should always already be created via specialised tools that will prevent these types of situations via strategic configuration of the powerlevels for non creators. This is because normal clients cant set room types for non space rooms. Only specialised clients or power user / developer clients will have the ability to fall into this trap. And when your using a client that intentionally lets you use the full power of matrix and has no guardrails against footguns you are on your own. Does MSC1772 explicitly define that conversation can not exist in a space as far as auth rules are concerned? I refer to the Spaces MSC for one simple reason. It should already have debated to death this concern as this MSC is essentially the same type of MSC just for policy lists instead of introducing the concept of spaces and room types.
Member
There was a problem hiding this comment. Spaces left whether a conversation can happen in the room as an implementation detail because it was theorized as possibly useful.
Member
There was a problem hiding this comment. I believe this may be mostly/all resolved by #3784 (comment) |
||||||||||
|
|
||||||||||
| ## Unstable prefix | ||||||||||
|
|
||||||||||
| If you want to implement this MSC before its merged you're free to use the unstable type of | ||||||||||
| `support.feline.policy.lists.msc.v1`. | ||||||||||
|
|
||||||||||
| After this MSC gets merged if a stakeholder has elected to remove its support for the unstable prefix if any | ||||||||||
| Because the room type is immutable, rooms which use the unstable room type might | ||||||||||
| find themselves "unsupported" when/if implementations drop support for the unstable | ||||||||||
| type when this proposal becomes stable. | ||||||||||
|
|
||||||||||
| ## Dependencies | ||||||||||
|
|
||||||||||
| The Author is not aware of any unstable MSC dependencies for this MSC. | ||||||||||
Uh oh!
There was an error while loading. Please reload this page.