Related to #3656 a more "web-of-trust" could be an option too : verify/trust all devices trusted by user X or by all existing users in the room with a display of number of users that trust a given key.
I don't quite like this idea. It simplifies mapping out who someone interacts with by seeing if the keys are trusted. It'll leak private metadata for very little possible benefit (most people don't correctly trust keys in the first place, even more technical users, I have never been able to trust the web of trust for GPG keys either).
@TheLastProject Is there any other solution to scaling verification?
N^2 verifications makes any E2EE room with more than 5 members basically unusable. There any many circumstances when you wouldn't want everyone to verify everyone.
Web-of-trust is fairly reliable in workplace/small-community environments. It only makes sense that I would be able to trust my boss's verifications. He's running the room after all, it's his ass if the E2EE is voided by improper verification.
Most helpful comment
@TheLastProject Is there any other solution to scaling verification?
N^2 verifications makes any E2EE room with more than 5 members basically unusable. There any many circumstances when you wouldn't want everyone to verify everyone.
Web-of-trust is fairly reliable in workplace/small-community environments. It only makes sense that I would be able to trust my boss's verifications. He's running the room after all, it's his ass if the E2EE is voided by improper verification.