Comment by dist-epoch

2 years ago

Isn't this what those "key hash pictures" in WhatsApp/Signal are solving?

XMPP clients could implement such a mechanism, and if any certificate/domain along the path changes, the users in a conversation would be notified.

1 comment

dist-epoch

Reply
WhyNotHugo  2 years ago

These are usually to validate the keys used in end-to-end encryption. Both parties must confirm that they see the same details, which confirms that the same keys are being used on both ends.