[messaging] Transparency for E2E encrypted messaging at a centralized service

[Ben Laurie]

On 27 March 2014 05:57, Joseph Bonneau <jbonneau at gmail.com> wrote:
> If the community doesn't think building such an auditing system buys much
> perhaps it's a waste of engineering effort better spent elsewhere, because
> the cost of running this would not be zero.

I think that raising the visibility of a targeted attack by the
otherwise-trusted authority is vital to any kind of discovery system
for identifier-to-key mappings. How else do you avoid the CA scenario
all over again?