Closed azul closed 6 years ago
I think we need to actually lock the keys to uphold the security properties in the face of active attacks such as fabricated Autocrypt headers.
@carmelatroncoso @r10s @hpk42 I moved the discussion to a separate section and wrote a new proposal. What do you think?
@azul looks good to me now
49 made it clear that we have not spelled this out.
I think we need to actually lock the keys to uphold the security properties in the face of active attacks such as fabricated Autocrypt headers.