[messaging] Transparency for E2E encrypted messaging at a centralized service

Ben Laurie ben at links.org
Thu Mar 27 02:49:27 PDT 2014

On 27 March 2014 05:57, Joseph Bonneau <jbonneau at gmail.com> wrote:
> If the community doesn't think building such an auditing system buys much
> perhaps it's a waste of engineering effort better spent elsewhere, because
> the cost of running this would not be zero.

I think that raising the visibility of a targeted attack by the
otherwise-trusted authority is vital to any kind of discovery system
for identifier-to-key mappings. How else do you avoid the CA scenario
all over again?

More information about the Messaging mailing list