Ahem. I'd expect something that most xmpp clients could do 10+ years ago with OTR: after establishing an encrypted session the user is given a warning that chat identify of a partner is not verified, and is given options on how to perform this verification.
With CA you can make a mild warning that identity is verified by Signal, and give an options to dismiss warning or perform off-the-band verification.
Not too disastrous, no?
> That's not true. When you verify a contact, it adds a checkmark next to their name with the word "verified"
It has zero effect if the user is given no indication that there should be the word verified.
It is not true what you say. This [1] is what a new user sees in Signal - absolutely zero indication. To verify a contact user must go to "Conversation settings* and then "View safety number". I'm not surprised nobody ever established a verified session with me.
Ahem. I'd expect something that most xmpp clients could do 10+ years ago with OTR: after establishing an encrypted session the user is given a warning that chat identify of a partner is not verified, and is given options on how to perform this verification.
With CA you can make a mild warning that identity is verified by Signal, and give an options to dismiss warning or perform off-the-band verification.
Not too disastrous, no?
> That's not true. When you verify a contact, it adds a checkmark next to their name with the word "verified"
It has zero effect if the user is given no indication that there should be the word verified.
It is not true what you say. This [1] is what a new user sees in Signal - absolutely zero indication. To verify a contact user must go to "Conversation settings* and then "View safety number". I'm not surprised nobody ever established a verified session with me.
[1]: https://www.dropbox.com/s/ab1bvazg4y895f6/screenshot_2021080...