Torproject disease infects WhatsApp - User experience trumps(sic) security
Shawn K. Quinn
skquinn at rushpost.com
Mon Jan 16 21:11:03 PST 2017
On 01/16/2017 11:00 PM, James A. Donald wrote:
> Is hard.
>
> Suppose I want to talk to you about something that is actually
> important. I ask you to email me your public key. How do I know that
> the key I receive is the key you sent?
If you think someone's monkeying with your email, then you don't do the
key exchange that way, you do it in person or at the very least you
verify it in person or over the phone.
> One solution is to make your public key as public as possible, affix it
> to all your communications and never change it.
>
> But you are not doing that.
That's what keyservers are for. Affixing the key to every message is a
needless waste of space.
--
Shawn K. Quinn <skquinn at rushpost.com>
http://www.rantroulette.com
http://www.skqrecordquest.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20170116/a2b55c5e/attachment.sig>
More information about the cypherpunks
mailing list