[messaging] Transparency for E2E encrypted messaging at a centralized service

Moxie Marlinspike moxie at thoughtcrime.org
Sat Mar 29 06:06:38 PDT 2014

On 03/27/2014 02:49 AM, Ben Laurie wrote:
> On 27 March 2014 05:57, Joseph Bonneau <jbonneau at gmail.com> wrote:
>> If the community doesn't think building such an auditing system buys much
>> perhaps it's a waste of engineering effort better spent elsewhere, because
>> the cost of running this would not be zero.
> I think that raising the visibility of a targeted attack by the
> otherwise-trusted authority is vital to any kind of discovery system
> for identifier-to-key mappings. How else do you avoid the CA scenario
> all over again?

I just don't see how this raises the visibility.  3rd parties can't
audit the log to determine a MITM attack is happening, so people can
only audit the log for their own communication.  Those are the same
people who would opt into in-band verification.

There is maybe some sense that the log provides "proof" that the people
verifying their own communication can use to publish their findings of a
MITM, but since the log itself is controllable by those parties (they
are capable of changing their own keys to whatever they would like in
the log), everyone still just has to take their word for it.

- moxie

