Ximin Luo <[email protected]> writes: > It is true that even this sort of tracking is quite basic though. A > more complex idea would be to automatically verify keys via > pre-existing verified keys, but this should really be part of a > central contacts manager outside of OTR, and could take advantage of > whatever secure protocols are available.
I have long thought that there should be a way to sign OTR keys with OpenPGP keys, or perhaps to export/import OTR keys to an OpenPGP implementation, so that one could have WoT validation. Of course we are only talking about the long-term authentication keys here.
signature.asc
Description: PGP signature
_______________________________________________ OTR-dev mailing list [email protected] http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
