Authentication - how is it done? #227
Comments
TOFU (trust on first use), similar to SSH. You will be warned if a contact's identity key changes. You also have the option to manually verify the initial key exchange by tapping on the padlock and selecting "verify recipient."
Right - that makes sense. However, I still believe it would be a nice feature with some kind of "extended validation" indicating I actually confirmed the other key.
The problem is that the entire metaphor is lost on most users, who don't actually know what a "key" is. I'm open to reviewing pull requests that try to make the UI you're describing accessible, but at the moment I really think TOFU is the most usable (and secure) scenario.
Oh - I totally agree. It has to be extremely subtle and unobtrusive in order to stay user friendly. I am very open to contributing in the future (realistically in a few months) but I just need to get my own pet project ready and out the door first.
I tried doing some quick research into how TextSecure is doing authentication.
At the moment my impression is that it's not, but just assumes there is no MITM and stores the keys for verification at a later point.
I guess this is a very convenient and reasonable default. However, it would be nice if I could "strongly authenticate" my contacts, which would indicate I have verified the keys in person and trust them. This could (should IMO) also be rewarded by adding some visual indicator in the UI. (Maybe a better solution is to reverse the process and show an indicator if a contact is not authenticated.)
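Added example, not part of the thread and not TextSecure's code: a minimal model of the trust-on-first-use behaviour discussed here, with a separate "verified" state for contacts whose key was confirmed out of band. The class and method names, the SHA-256 fingerprint and the sample keys are all assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass
from enum import Enum


class Trust(Enum):
    FIRST_USE = "first_use"    # no pin existed; key was pinned just now
    UNVERIFIED = "unverified"  # matches the pin, never checked out of band
    VERIFIED = "verified"      # matches the pin and the user confirmed it
    CHANGED = "changed"        # differs from the pin; the UI must warn


@dataclass
class Pin:
    fingerprint: str
    verified: bool = False


def fingerprint(identity_key: bytes) -> str:
    # Assumption: the fingerprint is a SHA-256 hex digest of the key bytes.
    return hashlib.sha256(identity_key).hexdigest()


class TofuStore:
    """Hypothetical pin store: one identity-key fingerprint per contact."""

    def __init__(self):
        self._pins = {}

    def check(self, contact: str, identity_key: bytes) -> Trust:
        fp = fingerprint(identity_key)
        pin = self._pins.get(contact)
        if pin is None:
            self._pins[contact] = Pin(fp)  # trust on first use
            return Trust.FIRST_USE
        if not hmac.compare_digest(pin.fingerprint, fp):
            return Trust.CHANGED  # keep the old pin until the user decides
        return Trust.VERIFIED if pin.verified else Trust.UNVERIFIED

    def mark_verified(self, contact: str, seen_out_of_band: str) -> bool:
        # Only succeeds if the fingerprint compared in person matches the pin.
        pin = self._pins.get(contact)
        if pin is None or not hmac.compare_digest(pin.fingerprint, seen_out_of_band):
            return False
        pin.verified = True
        return True

    def accept_new_key(self, contact: str, identity_key: bytes) -> None:
        # User acknowledged the warning: re-pin and drop the verified status.
        self._pins[contact] = Pin(fingerprint(identity_key))
```

A changed key never overwrites the pin silently, and accepting it resets the contact to unverified, so an indicator driven by `Trust` covers both the "verified" badge and the reversed "not authenticated" warning raised in the issue.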