The question is how do you know that it's actually their public key.
The usual approaches are:
1) verification of the key fingerprint by some other channel, such as the PSTN, but this is obnoxious and feels like tradecraft; you are unlikely to get normal people to do this for normal communications.
2) certification of trust based on 3rd-party verification of government identity documents or control of some address.
3) the web of trust. Might work well for a bunch of security-conscious HN types, but unlikely to be a good solution for people such as our mothers who have neither the cryptographic background to make intelligent decisions about signing keys, nor the inclination to care.
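An added illustration of approach 1 (fingerprint verification over a second channel), not part of the original comment: the keys are constructed placeholder bytes, and rendering the fingerprint as ten groups of five decimal digits for reading aloud is an assumption, not any particular tool's format.

```python
import hashlib
import hmac

# Constructed sample "raw public keys" (32 bytes each); not real keys.
ALICE_REAL_KEY = bytes.fromhex("11" * 32)
SUBSTITUTED_KEY = bytes.fromhex("22" * 32)  # what a man-in-the-middle would hand us instead

GROUPS = 10  # assumption: 10 groups of 5 digits, easy to read over the phone


def fingerprint(public_key: bytes, groups: int = GROUPS) -> str:
    """Human-readable fingerprint: SHA-256 of the raw key, rendered as
    decimal digit groups so the peer can read it out over another channel."""
    digest = hashlib.sha256(public_key).digest()
    n = int.from_bytes(digest, "big")
    words = []
    for _ in range(groups):
        words.append(f"{n % 100000:05d}")  # take 5 digits at a time
        n //= 100000
    return " ".join(words)


def normalize(spoken: str) -> str:
    """Drop spaces and dashes the human may add or omit while dictating."""
    return "".join(ch for ch in spoken if ch.isdigit())


def verify_out_of_band(received_key: bytes, spoken_fingerprint: str) -> bool:
    """Compare the fingerprint of the key received in-band with the one the
    peer dictated over a second channel. A mismatch means the in-band key is
    not theirs (e.g. it was substituted in transit); a match is the check
    the comment describes as 'tradecraft'."""
    expected = normalize(fingerprint(received_key))
    # constant-time compare so timing does not leak how many digits matched
    return hmac.compare_digest(expected, normalize(spoken_fingerprint))


if __name__ == "__main__":
    spoken = fingerprint(ALICE_REAL_KEY)  # what Alice reads to us by phone
    print("Alice reads:", spoken)
    print("genuine key verifies:", verify_out_of_band(ALICE_REAL_KEY, spoken))
    print("substituted key verifies:", verify_out_of_band(SUBSTITUTED_KEY, spoken))
```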