On 2/11/14, Sven Moritz Hallberg <[email protected]> wrote: > Assume Alice and Bob have exchanged keys through an insecure channel and > need to verify their fingerprints. > > Alice picks two random words from the list and writes them on the back > of a business card. She hands the card to Bob at their next meeting.
Or even better: Alice prints her public signature-verification/identification key on the front of the business card, and Bob checks that it matches the key he's been using. The point of using an ‘introduction secret’ is that it can provide authentication after the first meeting, with no prior preparation (e.g. printing and bringing proper business cards) required. Robert Ransom _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
