[messaging] The Simple Thing

Moxie Marlinspike moxie at thoughtcrime.org
Fri Oct 3 10:47:10 PDT 2014

On 10/02/2014 03:25 AM, Ben Laurie wrote:
> The difference is that with CT the user whose key changes necessarily
> becomes aware that it has changed. In "the simple thing?" only the
> targeted user of the key is aware of this change.

Yes, I think this is the only difference.  Both worlds require the user
(and only the user) to opt into knowing what a key is and how to monitor
them.  In the CT world, only the owner of a key is notified, after the
fact, if their key has changed.  In the simple thing world, you're
notified in real time for anyone you intend to send a message to.

I'm not sure which world is objectively better, although I personally
like the idea of being notified that what I *write* is being intercepted
before it's sent, rather than whether what I *received* was intercepted
after the fact.

Either way, I think the net effect is roughly the same, so the question
I'm posing is whether it's worth incurring the complexity cost, spam
questions, organizational overhead of finding third parties, and
potential conspiracy theories that might come with CT-like system,
rather than just doing the simple thing.

- moxie


More information about the Messaging mailing list