<div dir="ltr">I can't find any Wickr UI to access a key fingerprint. <div><br></div><div>We don't really discuss what should happen after a user finds that the key fingerprints don't match. Do they just switch communication systems? Report to some sort of community or authority? Hire a lawyer? The strength of the protocol for dealing with identity errors determines that value of a key verification ritual.<br><br><br><br><br></div></div><div class="gmail_extra"><br clear="all"><div><div dir="ltr">US number: +1 650-492-8286<div><a href="https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms&hl=en" target="_blank">Text Secure</a>: +1650-862-5992</div><div>Surespot/Wickr: zmanian<br><a href="https://raw.github.com/zmanian/pub_keys/master/gpg/%3Czaki@manian.org%3E.public.gpg-key" target="_blank">Public Key</a></div></div></div>
<br><div class="gmail_quote">On Sat, Sep 13, 2014 at 12:58 PM, Tom Ritter <span dir="ltr"><<a href="mailto:tom@ritter.vg" target="_blank">tom@ritter.vg</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On 12 September 2014 23:42, Joseph Bonneau <<a href="mailto:jbonneau@gmail.com">jbonneau@gmail.com</a>> wrote:<br>
> *Apple iMessage, Wickr and BBM Protected can all be described as<br>
> opportunistic encryption messaging systems that have been very successful<br>
> deployment-wise. Although AFAIK none of them provide any MITM resistance if<br>
> the centralized public key servers are compromised or misbehave.<br>
<br>
</span>It's my understanding that Wickr recently implemented features to<br>
expose fingerprints. I'm not 100% certain. It would be an interesting<br>
experiment to see what happens with these fingerprints if you e.g.<br>
wipe your phone and reinstall, or move your SIM to a new device and<br>
install.<br>
<br>
Considering the ease with which an app could expose fingerprints and<br>
make no effort to tell people to verify them, I feel all apps should<br>
at least do that.<br>
<span class="HOEnZb"><font color="#888888"><br>
-tom<br>
</font></span><div class="HOEnZb"><div class="h5">_______________________________________________<br>
Messaging mailing list<br>
<a href="mailto:Messaging@moderncrypto.org">Messaging@moderncrypto.org</a><br>
<a href="https://moderncrypto.org/mailman/listinfo/messaging" target="_blank">https://moderncrypto.org/mailman/listinfo/messaging</a><br>
</div></div></blockquote></div><br></div>