defanorhttps://xmpp.org/extensions/xep-0374.html#choose-pubkey says that all announced keys must be used for encryption, and I assume all the used keys must be trusted. If we already know some trusted keys and new keys are added (which aren't signed by old ones), seems sensible to use the old ones to verify the new ones (even if simply by asking over a channel secured with those), yet sounds like this requirement (using all the keys) would
defanordeny using those previously trusted keys to verify a new one. I've also checked Gajim sources now, apparently it only uses trusted ones (though it doesn't claim to support XEP-0374, just 0373). Is it an oversight in XEP-0374, or is there some rationale for that requirement?
flowdefanor, I think the second MUST in xep374 § 2.3.1 should be downgraded to a MAY. It is outside the scope if xep374 how to determine if a key is trusted and hence should be used for encryption
flowdefanor, I think the second MUST in xep374 § 2.3.1 should be downgraded to a MAY. It is outside the scope if xep374 how to determine if a key is trusted and hence if the key should be used for encryption
defanorI have one more question regarding that XEP (although perhaps it's more generic), the "Encrypted but unsigned messages (<crypt/>) do not provide an advantage over unencrypted ones since the sender can not be verified." part: I think I've heard that argument before, and possibly even found it convincing, but failing to make sense of it now. There is an advantage for secrecy over unencrypted messages, isn't there? Just not for
flowdefanor, that's debateable if there is an advantage.
flowthe xep mostly mimics the modes that OpenPGP provides and leaves it up to consumers to decide if they want to use it
edhelasis there some Monal developers around here ?