Manual Fingerprint Verification

I suggest that the option for manual fingerprint verification should be a feature and not something to be shunned. The UI could include a button to “inspect and confirm” a fingerprint.

I address some issues raised in this thread:

Fingerprints are not supposed to be compared manually. What you discovered in the “Encryption” menu is a debugging info at best

But why not compare manually? People using PGP and email have traditionally verified fingerprints by manual inspection, and this method is not inherently less secure than “secure join” if done properly.

Adding a readable Signal-like “safety number”, maybe encoded in emojis, is possible, but it only provides a one-way verification and users may fail to verify it two-way

Wouldn’t it be relatively easy to just withhold “verified” status until both users confirm the fingerprint on their end?

QR codes are convenient for many users, but they also present a barrier for others, and unfairly disadvantage users with fewer resources (such as users who don’t own a printer or a second device). And if you’re in a different country and your only two channels are email and telephone, then it makes sense to use the telephone as your out-of-band channel.

There are no such problems: you can scan the QR code in person, or if you are not in the same room with your peer, they can send you the invite link, which doesn’t require a camera or scanning any QR code. There is no point in having to manually compare big numbers or tokens.

My comment you are quoting is from a time when it was not possible to share invite links and people had to share the QR image around.

Yes, the newer version of Delta Chat which includes the invite links was only released around the time when I made this feature proposal and I wasn’t aware of the new feature at the time, so my comment has become outdated. It’s good that there is now the option for using invite links!
