On 01/29/2014 04:32 PM, Trevor Perrin wrote:
> I'm a little surprised I can't find more usability research here, except for:
> - https://blog.crypto.cat/2014/01/cryptocat-at-the-openitp-dc-hackathon
> - https://moderncrypto.org/mail-archive/curves/2014/000011.html
>
> Are there other studies? Are there any "best practices" emerging?
In the context of messaging, regardless of how a fingerprint is presented, my sense is that the entire concept makes no sense to the bulk of users. Go to a "crypto party" and watch the faces of participants when the facilitators demonstrate exchanging fingerprints. Faces tend to start at bland confusion, until about 15 seconds into the facilitator reading random hex digits aloud, at which point they evolve to a distinct "what the fuck?" Subsequent questions tend to include things like "wait, what's the difference between a key and a fingerprint?" There's no great reason a person who wants to send messages should need to know that.

My intuition is that we just shouldn't be showing the user a fingerprint at all if even remotely possible (TOFU). If it's necessary to display a real fingerprint at some point, the user isn't going to have any idea what's going on, so it probably doesn't matter whether it's a set of gibberish words, a hex string, or a b32 character string.

SAS might be a different story in very specific contexts, but it's likely a non-starter in the case of async messaging.

- moxie

--
http://www.thoughtcrime.org
