
> The umbrage that the GP seems to be taking is that Signal doesn't require you to verify your key, nor is it particularly visible.

Only the latter really, but yes. It doesn't need to be required -- see the footnote text where I elaborate: Threema also doesn't require it, but it's very visible, so people do it and thereby avoid having to trust the server.

> only really starts bugging you about verifying keys if they suddenly change

Does it? I haven't seen that, though I think the only key changes so far have been in group chats, perhaps that's different. This would be quite an improvement over WhatsApp that I wasn't aware of (if it really does this).




It seems to be the case:

> Signal advises you whenever a safety number has changed. This allows users to check the privacy of their communication with a contact and helps protect against any attempted man-in-the-middle attacks.

> The most common scenarios where a safety number advisory is displayed are when a contact switches to a new phone or re-installs Signal, but these actions don't always result in a safety number change. However, if a safety number changes frequently or unexpectedly it may be a sign that something is wrong.

https://support.signal.org/hc/en-us/articles/360007060632-Wh...


Oh just that little message saying that the safety number changed? I thought it would actually, like you said, start bugging you to verify the safety number upon "sudden" changes.



