Device verifications are not synced and included in key backup #9543

@jacotec

This is an issue which prevents users from using E2EE when they use Matrix/Riot on a browser. I.e. when using Riot on my office PC I always log out in the evening, so no one who can gain access to my computer will see all my communications by just opening the browser.

It is OK and seems to be necessary security-wise to use the key backup after logging back in, as the logout deletes the key(s) for this browser.

But I treat it as a bug that all already verified devices have lost their verification status after restoring the key backup. In theory I'd need to re-verify all devices in all encrypted rooms after I have logged in and restored the E2EE keys from the backup.

Device verification should be synced between all clients (Web, iOS, Android) and in addition should be part of the key backup/restore procedure.

Tested with:
Riot-Web: 1.0.8
Riot-IOS: 0.8.4
