I want to know who that works on Riot/Matrix decided that an interactive key exchange mechanism was smart, then who decided to force a new, still interactive mechanism was better (it is not), because they have doomed Riot as well as Matrix to failure.
@mister_monster
Security is hard, and anything non-interactive wouldn't be secure.
@Coffee XMPP handles security noninteractively. Signal requires interaction of the user once for each device they add. SSL is noninteractive.
Suppose you have 20 friends. Each has 2 devices, a computer and a phone. You sign out and then sign back in. Now each one of them must on each device verify you, and this requires you and them to interact which means you have to be available at the same time. That's 40 interactions! How is this useable?
@mister_monster
By the way, I disagree with the TLS CA model and consider it insecure, although it is better than nothing.
@Coffee well it has to be that way with the model they've chosen. The interactive key exchange and the session logout go hand in hand.
@mister_monster
In its defense, you're not really supposed to log out. But yeah, if you're in a situation where you do have to log out frequently (sharing a device with others, internet cafe), it's not good.
@mister_monster
So your actual complaint isn't that the verification is interactive, but that it happens unnecessarily and way too often.
Which, agreed.
The cross-signing thing is supposed to help with that, but we'll see how it goes.