Ola Bini <l...@olabini.se> writes: > Hi, > > Lately I've been thinking about how to communicate the decisions OTR is mak= > ing in such a way that users can make informed choices based on > that. I realized that one thing I've missed when using OTR-enabled clients = > is the possibility of knowing whether my peer has validated my > key or not.
Two questions: Why is it useful for you to know if the other side has marked your key as valid? Why is it ok, from a security viewpoint, for them to disclose that to you? I don't mean these to be accusatory, but I think rationale for them should be part of a proposal to add something.
pgpVYVBjOsyxv.pgp
Description: PGP signature
_______________________________________________ OTR-dev mailing list OTR-dev@lists.cypherpunks.ca http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
