From f68f4262030377ec1820a1ccae12f678c220fbb1 Mon Sep 17 00:00:00 2001
From: Melvin Keskin <melvo@olomono.de>
Date: Sat, 9 Mar 2019 20:53:16 +0100
Subject: [PATCH] create new section "Reducing The Number of Trust Messages"

---
 inbox/automatic-trust-transfer.xml | 35 ++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

diff --git a/inbox/automatic-trust-transfer.xml b/inbox/automatic-trust-transfer.xml
index 85f62815..0eb54016 100644
--- a/inbox/automatic-trust-transfer.xml
+++ b/inbox/automatic-trust-transfer.xml
@@ -329,6 +329,41 @@
 			A1 fetches B2's key and is then able to automatically authenticate A2's key.
 		</p>
 	</section2>
+	<section2 topic='Reducing The Number of Trust Messages' anchor='impl-reducing-number-of-trust-messages'>
+		<section3 topic='Using URIs Containing Multiple Keys' anchor='impl-reducing-number-of-trust-messages-uris-multiple-keys'>
+			<p>
+				For reducing the number of trust messages sent to a device, a client MAY use a URI containing multiple keys that have been authenticated shortly after another.
+			</p>
+			<p>
+				Example:
+				Alice's device A1 authenticates the keys of Bob's devices B1 and B2 after scanning Bob's QR code containing their key identifiers.
+				A1 sends one authentication message for all of the authenticated keys.
+			</p>
+		</section3>
+		<section3 topic='Using Message Carbons' anchor='impl-reducing-number-of-trust-messages-message-carbons'>
+			<p>
+				Furthermore, a client MAY use &xep0280; for sending a trust message to all devices of a contact or to all own devices at once.
+				Then, by sending a trust message to the contact, each device of the contact and each own device gets the same trust message by the server.
+				Thus, a client needs to send the same trust message only once.
+				If not all devices of the contact should receive the trust message, the trust message MAY be sent to specific devices of the contact but for all own devices Message Carbons MAY be used and vice versa.
+				Even when a client does not already have a contact, the client MAY use Message Carbons for delivering a trust message to all own devices.
+			</p>
+			<p>
+				Example:
+				Alice's device A1 authenticates the key of her device A2.
+				A1 sends the trust message for A2's key only once to all of Alice's and Bob's devices by using Message Carbons.
+			</p>
+			<p>
+				Attention:
+				In that context, sending a trust message to all devices of a contact or to all own devices does not mean to encrypt it with the keys of all those devices.
+				Instead, it only means that all of those devices should receive the trust message even if it is not encrypted for some of them and thereby not decryptable by those devices.
+				Keep in mind that a trust message MUST only be encrypted for devices with authenticated keys.
+			</p>
+			<p>
+				The drawback of using Message Carbons is that clients may show a message to the user that an OMEMO message received which has not been encrypted for the corresponding device.
+			</p>
+		</section3>
+	</section2>
 </section1>
 <section1 topic='Security Considerations' anchor='security'>
 	<section2 topic='Notification' anchor='security-notification'>