Comment by dist-epoch
2 years ago
Isn't this what those "key hash pictures" in WhatsApp/Signal are solving?
XMPP clients could implement such a mechanism, and if any certificate/domain along the path changes, the users in a conversation would be notified.
These are usually to validate the keys used in end-to-end encryption. Both parties must confirm that they see the same details, which confirms that the same keys are being used on both ends.