[shp0ngle]

Yeah nobody really cares about those… people get new phones or, (in case of GPG) forget to renew their certificates so often that people just ignore this stuff.

This is a problem that is as old as public key cryptography and nobody really solved it since… uhhh the 90s? I don’t know

[gcr]

See "Why Johnny Can't Encrypt", 2005: http://people.eecs.berkeley.edu/~tygar/papers/Why_Johnny_Can...

Also see "Why Johnny Still Can't Encrypt", 2015: https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.22...

Also see "Why Johnny Still, Still Can't Encrypt", 2016: https://arxiv.org/abs/1510.08555

[upofadown]

The first paper is the landmark and did a good job of identifying the root problem. The second two are just repeats of the first with no added insight and can be safely skipped.

It is kind of depressing that so many years have passed and we are still confusing people with impossible to understand stuff as per the current WhatApp example.