[OTR-dev] Peer validity TLV
Greg Troxel
gdt at ir.bbn.com
Sat Oct 3 07:57:01 EDT 2015
Ola Bini <list at olabini.se> writes:
> Hi,
>
> Lately I've been thinking about how to communicate the decisions OTR is mak=
> ing in such a way that users can make informed choices based on
> that. I realized that one thing I've missed when using OTR-enabled clients =
> is the possibility of knowing whether my peer has validated my
> key or not.
Two questions:
Why is it useful for you to know if the other side has marked your key
as valid?
Why is it ok, from a security viewpoint, for them to disclose that to
you?
I don't mean these to be accusatory, but I think rationale for them
should be part of a proposal to add something.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 180 bytes
Desc: not available
URL: <http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20151003/d47405d9/attachment.sig>
More information about the OTR-dev
mailing list