[messaging] Transparency for E2E encrypted messaging at a centralized service
ben at links.org
Sat Mar 29 03:39:22 PDT 2014
On 29 March 2014 04:15, Trevor Perrin <trevp at trevp.net> wrote:
>>> - Even if Bob observes the service being malicious, he has no way to
>>> prove this - it will just be his word against the service. So the
>>> "herd immunity" value of exposing the service's perfidy seems low.
>>> (In contrast to Certificate Transparency for HTTPS, which is likely to
>>> expose bad/hacked CAs who obviously shouldn't be issuing the revealed
>> Hmm. Presumably Bob would be able to show a new key, signed by many of
>> his correspondents, that did not correspond to the published key. That
>> seems strong than just Bob's word.
> So Bob and his friends call the NY Times and explain that a published
> key for Bob yesterday wasn't Bob's real key, and they've signed Bob's
> real key to prove it.
> They're sure this is a "MITM" and not just a glitch in the 3rd-party
> app Bob's running, malware/hackers targeting Bob, or Bob forgetting
> about the other app on his tablet. They promise they're telling the
> truth and not just trying to get attention.
> Maybe it's a MITM, maybe not. How would the NYT know?
> Or rather - will SocialNetworkCo want to deploy a system that (A)
> advertises they could MITM their users, and (B) gives their most
> paranoid users the ammo to claim they've done so, without proof one
> way or another?
I guess what you need is multiple independent logs - then they would
all have to collude to present a false key.
More information about the Messaging