[messaging] Multiple devices and key synchronization: some thoughts

Joseph Bonneau jbonneau at gmail.com
Sat Jan 3 16:06:44 PST 2015

On Sat, Jan 3, 2015 at 6:51 PM, David Gil <dgil at yahoo-inc.com> wrote:

> > If this is required to use multiple devices, I'm worried that
> > the result will be a large number of users signing up for some
> > new cloud service which manages a single private key for them
> > and lets them fetch their messages from any device (using
> > passwords and HTTPS), at which point end-to-end security is
> > gone.
> Sure. But that's not a good argument against designing a system
> which provides as good of security as is possible for users who
> do care.
> (Maybe there will need to be an "always be secure" checkbox at
> first...)

Absolutely-that was my original point, these features should be built for
users who want them. We just need to be sure the system doesn't require
security behavior by all users that is unlikely to happen and will result
in insecure coping mechanisms. This might have protocol-level implications
and not just UI ones, for example if Bob needs to securely learn if Alice
is a high- or low-security user and we don't want a downgrade attack to
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20150103/3a277a43/attachment.html>

More information about the Messaging mailing list