[cryptography] post-PRISM boom in secure communications (WAS skype backdoor confirmation)

Nico Williams nico at cryptonector.com
Mon Jul 1 16:58:49 EDT 2013


On Mon, Jul 1, 2013 at 9:05 AM, Eugen Leitl <eugen at leitl.org> wrote:
> On Mon, Jul 01, 2013 at 01:31:51PM +0200, Guido Witmond wrote:
>
>> The only answer is to take key management out of the users' hands. And
>> do it automatically as part of the work flow.
>
> You need at least a Big Fat Warning when the new fingerprint
> differs from the cached one, and it's not just expired.

OTR's model should suffice.


More information about the cryptography mailing list