[messaging] Key rotation

carlo von lynX lynX at i.know.you.are.psyced.org
Tue Jan 6 01:04:41 PST 2015

On Mon, Jan 05, 2015 at 10:06:34PM -0800, David Leon Gil wrote:
> On Sun, Jan 4, 2015 at 5:12 AM, carlo von lynX
> <lynX at i.know.you.are.psyced.org> wrote:
> > I don't see how the PGP concept of "key rotation" is relevant if all
> > communications work over forward secure ratchets anyhow. Why would I
> > need to rotate the device-identifying subkey? Am I missing something here?
> Yes.
> I'm interested in systems in which it is safely possible to message
> not only people with whom you frequently correspond, but also people
> with whom you have never before corresponded.

I think the assumption of this being important to users may be incorrect;
we should investigate this better. Most cases when people email strangers
are actually situations when people would have added a person from the
social graph of their existing contacts, had they had such a social graph
at their disposal. Just look at Facebook behavior patterns. The other common
situation for mailing strangers is when you are contacting a company or an
authority - in those cases a QR code printed on a brochure would do the job.
So I don't see a use case for a complete bootstrap out of pitch darkness.

> This is not true of Axolotl with many-year-old identity keys; the
> probability of those keys having been compromised during that time is
> very high.

In my plan I was thinking of having mobile devices make exchanges by
Bluetooth whenever they physically meet. Those devices would therefore
detect that they had been using false cryptographic material in the past
on the day the two communication partners meet in person. Is this viable?
Mike, since you've been working on this hands-on, what do you think of this?

