Ideally, the application would process authenticated data only. Currently, data is transmitted as plaintext and only later authenticated. A secure channel would help to deter attacks such as the keyserver-in-the-middle.A secure channel could be established by exchanging a secret via the QR code and use that to set up an encrypted link.
Ideally, the application would process authenticated data only. Currently, data is transmitted as plaintext and only later authenticated. A secure channel would help to deter attacks such as the keyserver-in-the-middle.A secure channel could be established by exchanging a secret via the QR code and use that to set up an encrypted link.