Dear list, Questions for Joseph, Marcela, or any other CONIKS experts out there:
Regarding the strict key change policy mentioned in the paper, how can Alice verify Bob’s latest key? Does she cache his previous key and verify the latest one received comes with a key-change message that’s signed by the previously cached key? This aspect doesn't seem to be part of the protocol described in the paper. If there is a way to securely verify the key change using a previously verified/pinned key then this mechanism could prevent MITM attacks. So is this specified in an “official protocol” somewhere? Also, is there an official discussion list for CONIKS? Thanks much! Greg
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
