On 03/11/15 12:08, Ximin Luo wrote:
> I hear that OpenWhisperSystems don't want to implement "read receipts" because
> they consider this to be a security issue
To clear things up a little, Moxie wrote me to say that this isn't the case.
I'm not sure what their position *actually* is on the matter; he didn't say. I
guess they are still thinking about it.
The facts are, to the best of my knowledge:
- OWS has implemented delivery receipts in TS, in the sense of "trust the
transport".
- Their stated position (on some tickets dating to March/April of this year) is
that they're not looking to implement read receipts soon, but didn't state a
reason.
- There are various people online filling in their own justifications on why
OWS made this decision, that mention the security issue ("creep factor") in my
post. I've also heard this brought up in previous secure-messaging discussions
by people unrelated to OWS.
Anyway, the technical arguments given in the rest of my post apply regardless
of OWS' position. One can re-interpret it as a pre-emptive argument against
anyone in the future (including future-OWS) that *might* try to justify lack of
read receipts as a net security benefit. This is not totally out-of-the-blue -
I hear similar arguments from time to time, from people working in this field
and not just random internet users.
X
--
GPG: 4096R/1318EFAC5FBBDBCE
git://github.com/infinity0/pubkeys.git
_______________________________________________
Messaging mailing list
[email protected]
https://moderncrypto.org/mailman/listinfo/messaging
