Do OTR users compare key fingerprints or session IDs? Or none of the above?
-
-
Replying to @matthew_d_green
@matthew_d_green can't ensure people send public keys over a secure channel though :( The pains of bootstrapping a secure system1 reply 0 retweets 0 likes -
Replying to @bascule
@bascule@matthew_d_green that is big part of functional/actual security problem, same w physical security (my background)weak human links1 reply 0 retweets 0 likes -
Replying to @CliffsEsport
@CliffsEsport@bascule Surely you can force people to do this stuff...4 replies 0 retweets 0 likes
Replying to @matthew_d_green
@matthew_d_green @CliffsEsport even if you force people to manually enter a public key, how do you ensure it's sent over a secure channel?
2:27 PM - 26 Aug 2013
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.