<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">The user-comprehensibility of one device singing a key to another device<br>
is somewhat compelling.<br></blockquote><div><br></div><div>I'd say it's maybe the opposite - if you're exposing the notion of a key you already lost the user comprehension war. The nice thing about BT is it can be completely passive. Did you have a nice conversation with some stranger this afternoon? No worries, this evening you can send them an encrypted message: your phone already has their first name + photo in the "recent encounters" screen and you can just go ahead and start chatting.</div>
<div><br></div><div>Yes, that's susceptible to targeted MITM attacks if the user you're trying to communicate with doesn't actually use the app (otherwise you'd get two entries for the same person), but you can double check that just by asking them if they're on the platform when actually meeting.</div>
</div></div></div>