[messaging] Opportunistic encryption and authentication methods

zaki at manian.org zaki at manian.org
Sat Sep 13 13:13:09 PDT 2014

I can't find any Wickr UI to access a key fingerprint.

We don't really discuss what should happen after a user finds that the key
fingerprints don't match. Do they just switch communication systems? Report
to some sort of community or authority? Hire a lawyer? The strength of the
protocol for dealing with identity errors determines that value of a key
verification ritual.

US number: +1 650-492-8286
Text Secure
Surespot/Wickr: zmanian
Public Key

On Sat, Sep 13, 2014 at 12:58 PM, Tom Ritter <tom at ritter.vg> wrote:

> On 12 September 2014 23:42, Joseph Bonneau <jbonneau at gmail.com> wrote:
> > *Apple iMessage, Wickr and BBM Protected can all be described as
> > opportunistic encryption messaging systems that have been very successful
> > deployment-wise. Although AFAIK none of them provide any MITM resistance
> if
> > the centralized public key servers are compromised or misbehave.
> It's my understanding that Wickr recently implemented features to
> expose fingerprints. I'm not 100% certain. It would be an interesting
> experiment to see what happens with these fingerprints if you e.g.
> wipe your phone and reinstall, or move your SIM to a new device and
> install.
> Considering the ease with which an app could expose fingerprints and
> make no effort to tell people to verify them, I feel all apps should
> at least do that.
> -tom
> _______________________________________________
> Messaging mailing list
> Messaging at moderncrypto.org
> https://moderncrypto.org/mailman/listinfo/messaging
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140913/c888cf31/attachment.html>

More information about the Messaging mailing list