hpk42
commented
5 years ago not neccessary anymore with the current claimchain approach ;)
Closed hpk42 closed 5 years ago
hpk42
commented
5 years ago not neccessary anymore with the current claimchain approach ;)
Currently there is no easy way to perform out-of-band verification. Even if one manually performs fingerprint verification with a peer, that fact is not recorded nor recognized, and we do not provide a verification status for a peer.
the idea is that oob-verifying parties exchange in-band messages protected by an out-of-band secret. This can happen through generating and inputting a long number (helped by a QR code, possibly). Or it could happen via having peers exchange an initial message each and then having both sides display something (a number or words) which verify the confidentiality and integrity of the channel.
Now, we do not only want to compare fingerprints of current keys. We rather want to send peer history to the other side (see PeerChain in #28) so that verification can happen more in-depth: if the other side sends us several different keys for ourselves, we can check it against our own history -- and if our history covers the same time range, we might be able to determine locally if the keys match or there was a machine-in-the-middle attack. This in-depth might not always be conclusive, due to local device-loss or re-install events, but at least for the time range for which we have history we can verify that the other side didn't see wrong keys.
When creating QR codes for key fingerprints we probably want to be compatible with Openpgp4fpr QR codes that OpenKeychain uses.