On Saturday, March 23, 2013, ianG wrote: > Someone on another list asked an interesting question: > > Why did OTR succeed in IM systems, where OpenPGP and x.509 did not? >
Because it turns out that starting with anonymous key exchange is good enough in many cases. Leap of faith would have been a good addition, but would have created device sync issues, and the answer/question authentication is good enough. Imagine if we'd insisted on a PKI for IM...
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
