On Fri, Dec 12, 2014, at 16:15, Eleanor Saitta wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 2014.12.11 14.21, Sam Lanning wrote: > > We've been thinking the goals of what we're trying to achieve with > > deniability all wrong. > > > > Deniability is the goal of trying to make our use of encrypted > > messaging not make us more liable for what we say any more than > > messaging has already done for years. > > > > Deniability is *NOT* the introduction of a new property to our > > online messaging that allows us to be able to deny what we've said > > any more than we've been able to to in all our years previously > > without end to end encryption. > > > > All deniability is, is putting safeguards in place so that our use > > of cryptographically secure communications protocols does not screw > > us over, and come with any more hidden surprises than any insecure > > communications protocol. > > Congratulations, this is the first statement about this that rises to > the level of being coherent.
Sam summarizes nicely what I believe most people here think of when they talk about deniability. It's the absence of signatures which irrefutably link users to the statements they have made. My original point was that the practical usefulness of this could be increased by surfacing it in the UI and allowing users to actually create false records. After the (lack of) examples brought forward in this thread of how this would actually create a significantly increased beneficial outcome in practice, compared to the complexities and confusion it likely introduces for the user, I'm no longer sure this is a good idea. _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
