On 11/01/2013 11:06 AM, Tom Ritter wrote: > On Nov 1, 2013 5:54 AM, "Ximin Luo" <[email protected]> wrote: >> If two accounts use the same key, it's clear they are the same person. Can >> you >> think of a situation where this might not be desirable? > > Any situation where people do not want to disclose those accounts are > the same person? It's certainly necessarily to _retain_ that option. > (Whether it be in the same UI, or in some type of 'Persona' UI where > the entire application switches over and there's no chance of > confusing things.) > > I agree the situation is annoying now[0], but it does default to > 'safe'. Instead of necessarily defaulting to 'unsafe'[1], maybe the > answer is "Make it way, way easier in applications to do the common > but potentially unsafe thing?" > > Caveat: I do not work in the field with actual users, Nathan does. > > -tom > > [0] See my workaround: http://ritter.vg/misc/stuff/otr.txt > [1] For a particular definition of safe, admittedly
So yes, that would be a problem. So this could be presented to the user as a choice during the initial keysync. Something like "Link these identities together?" then list the identities for the user to select with to link, and which to leave with its own key. .hc -- PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81 _______________________________________________ OTR-dev mailing list [email protected] http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
