There is a big difference btwn a 20 bit key which can be secure with
srp versus a 80 bit or so key with psk. If users are in the loop...
I understand that but I assume that the key that is being used in this
context isn't really a long-term secret shared between the two users but
rather something that is dynamically created and then exchanged within
the e2e signaling exchange. I doubt that a model that relies on both
parties having a shared secret is particularly practical for most of the
users...
Ciao
Hannes
