On 2013-06-30 5:13 PM, Danilo Gligoroski wrote:
This was expected.
As Skype definitely ruined its reputation as free end-to-end application for
secure communication, other products are taking their chances.
"Agencies showing sudden interest in encrypted comm" ---
http://gcn.com/blogs/cybereye/2013/06/agencies-sudden-interest-encrypted-com
m.aspx
Silent Circle expects end users to manage their own keys, which is of
course the only way for end users to be genuinely secure. Everything
else is snake oil, or rapidly turns into snake oil in practice. (Yes,
Cryptocat, I am looking at you)
However, everyone has found it hard to enable end users to manage keys.
User interface varies from hostile, to unbearably hostile.
Silent Circle publish end users public keys, which would seem to create
the potential for a man in the middle attack.
I would like to see a review and evaluation of Silent Circle's key
management.
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography