[messaging] Verification of strict key change policy in CONIKS?

Tao Effect contact at taoeffect.com
Mon Mar 21 22:56:34 PDT 2016

Dear list,

Questions for Joseph, Marcela, or any other CONIKS experts out there:

Regarding the strict key change policy mentioned in the paper, how can Alice verify Bob’s latest key? Does she cache his previous key and verify the latest one received comes with a key-change message that’s signed by the previously cached key?

This aspect doesn't seem to be part of the protocol described in the paper. If there is a way to securely verify the key change using a previously verified/pinned key then this mechanism could prevent MITM attacks.

So is this specified in an “official protocol” somewhere? Also, is there an official discussion list for CONIKS?

Thanks much!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20160321/c918406f/attachment.sig>

More information about the Messaging mailing list