> > I've written it up on the signal forums here: https://community.signal > users.org/t/a-proposal-for-alternative-primary-identifiers >
Trevor, we actually implemented simular schema few years ago in "Zax" relay: https://github.com/vault12/zax#readme Address space is global for all, address is a hash of a public key, and initial key exchange bootstraps via SMS (http://bit.ly/zax-invites) IMHO, the elephant in the room here is highly popular use case "phone droped into toilet", which is about few times a year for a casual user. As long as you need to support fresh phone bootstrap for casuals then phone number remain "casual ID" - goes without saying casual user has no clue how to backup her old phone, and she long forgoten whatever sequence of letters you told her 4 months ago. Right now everyone accepts the compromise of having one instant of weakness (when phone number bootstraps long term PKI exchange) for the security of continious operations after such bootstrap took place. Whatever solution you end up doing it has to address the critical use case of user getting completely fresh phone, no old artefacts preserved, and the only connecton to his "past life" is his phone #. - Max - vault12.com
_______________________________________________ Messaging mailing list Messaging@moderncrypto.org https://moderncrypto.org/mailman/listinfo/messaging
