burdges
commented
9 years ago I believe 31e3538 to be what @agl meant to achieve when he originally coupled the identity key with the public key, but obviously it needs some consideration.
In particular, if there was a reason to move the newRatchet calls, like I asked about in https://github.com/agl/pond/issues/176, then 31e3538 makes protoVersion fragile in the call to newRatchet. Very tricky point.
We compute and display a fingerprint in User and Contact information dialogs for both the GUI and CLI.
Fingerprints are meant to be safe to display publicly on sites like twitter. At present, they're computed using a sha256, but perhaps we should incorporate additional data or a seed.
I avoided using the identity key in the fingerprint because it's known by the server. And conceivable we could remove it from the Contact struct all together.
Pull based on https://github.com/agl/pond/pull/174 of course, so please review that one first.