On Tue, Mar 11, 2014 at 3:33 AM, Tony Arcieri <[email protected]> wrote:
> I feel like solutions that rely on manual verification of key fingerprints > fall into this category: > > http://i.imgur.com/2bEWKNS.png > > I don't think these solutions are providing effective security. I feel we > need to start from the real needs of real users, and work backwards. > How fingerprints fit into an overall secure-comms UI is a good question. I agree that asking users to compare fingerprints routinely is a bad idea. Automating authentication (e.g. "trust-on-first-use", key servers) will be better for most users most of the time. But anything automated breaks down occasionally (the TOFU key has changed - what do you?), and requires assumptions not every user will be comfortable with (might a MITM have been present in first contact? do I trust the key server?). So being able to manually verify fingerprints comes in handy, and has been a part of crypto UIs for a long time (PGP, SSH, OTR, TextSecure, CryptoCat, etc.). Since there's almost no UI research here it seems reasonable to look into it and try to establish some best practices. > One can propose a study for optimum time-based fingerprint verification > and study fingerprint accuracy, but are fingerprints even a good idea? I > feel that's where you need to start with any sort of usability study. > Christine is talking to a researcher with specific experience in usability studies of information representation. Broader studies would of course be worthwhile too, if someone wanted to volunteer resources for that. Trevor [1] https://moderncrypto.org/mail-archive/messaging/2014/000129.html
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
