[messaging] Multiple devices and key synchronization: some thoughts
David Gil
dgil at yahoo-inc.com
Sat Jan 3 15:51:04 PST 2015
On Saturday, January 3, 2015 8:15 AM, Joseph Bonneau <jbonneau at gmail.com> wrote:
> However, I think it's also possible (and indeed common) to
> make a design error by assuming all users have the same values
> as we do, or would "if only they knew" and therefore we should
> try to force them into a high level of security.
I certainly don't think that; I do think that we can achieve a
very high level of security while not being any harder to use
than some password synchronization services.
> Personally, I think many users' desire for end-to-end security
> ends well short of printing backup codes
Quite likely.
> or running a pairing
> protocol that prevents them from instantly using a new device.
Maybe.
> If this is required to use multiple devices, I'm worried that
> the result will be a large number of users signing up for some
> new cloud service which manages a single private key for them
> and lets them fetch their messages from any device (using
> passwords and HTTPS), at which point end-to-end security is
> gone.
Sure. But that's not a good argument against designing a system
which provides as good of security as is possible for users who
do care.
(Maybe there will need to be an "always be secure" checkbox at
first...)
- dlg
More information about the Messaging
mailing list