[yarg]

No, I'm not (I'm not a total fucking idiot).

What I'm suggesting is that the same certificate infrastructure that is used to secure the connection between a server and a client could also be used to secure the connections between users.

There's nothing specific to HTTPS about CAs and trust chains.

[cycomanic]

But for encrypted DMs you need per user keys that are stored on the users computer, otherwise the owner of the server has control over the key and we're back at square one. Or am I somehow misunderstanding you?

[yarg]

You can use client side symmetrical crypto to allow for the private key to be stored on the server.

It means that weak keys are a problem, but that's been the case since the dawn of time.