[Autocrypt] usability and passphrase-less keys

Maikel maikel at email.org.au
Wed May 3 19:54:25 EDT 2017


Hello,

This is my first contribution on the list, so tell me if I'm missing
some conventions here.

Holger said:

> I eventually perceived us arriving at the conclusion that there is
> no good reason for defaulting to require passphrases when generating
> a key.

You discussed the cases when the key is stored on the user's device. And
I think that the conclusion is reasonable in this passive attack
scenario.

But what about the key sharing? Since there is no specification of the
key sharing yet, we don't know the implications of this. Anyway, any key
sharing should protect the key independently. The docs say:

> Todo: Critically consider end-to-end encryption for MUAA messages.
> https://autocrypt.readthedocs.io/en/latest/peering.html

Cheers,
maikel



