Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

lock keys for verified contacts and groups #51

Merged
merged 1 commit into from
May 22, 2018
Merged

lock keys for verified contacts and groups #51

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 22 additions & 0 deletions source/new.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -253,6 +253,28 @@ Notes on the verified group protocol
could possibly offer the techniques described here for "secure threads".


Autocrypt and verified key state
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Verified key material
- whether from verified contacts or verified groups -
provides stronger security guarantees
then keys discovered in Autocrypt headers.

Therefore the address key mappings should be stored separately
and used over Autocrypt keys in case of conflicts.

This way verified contacts and groups prevent key injection through
Autocrypt headers.

In order to allow users to recover from device loss
the recommendation is to perform new verifications.

Since this may not always be feasible
clients should provide the users with a way
to actively move back to an unverified state.


Open Questions about reusing verifications for new groups
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Expand Down