Trust on First Use

Currently you can either verify a contact and have guaranteed end-to-end encryption, or you are left without any encryption guarantees. which is not ideal.

If you are not able to verify a contact immediately, it seems you have to accept the weaknesses/limitations of Autocrypt’s “opportunistic” security.

I think you could improve security in these cases by allowing users to add contacts/create chats that have guaranteed encryption but “unverified” status (maybe a gray checkmark instead of a green checkmark?) which would eliminate risks such as “surprise” unencrypted messages or email servers doing MITM at a later point in time. When users are able to verify these contacts properly at a later date, they can upgrade the status (e.g. from gray checkmark to green checkmark).

On a related subject, is there any news/update about whether “forced encryption” mode as discussed on other threads has already been implemented or will be implemented soon?

Related topics (3+ years old with no clear resolution):

Relate GitHub issues: