• scratchee@feddit.uk
    cake
    link
    fedilink
    English
    arrow-up
    1
    ·
    2 hours ago

    The user would be unable to use E2EE as soon as the key is swapped, so the only real issue here is impersonation.

    If an admin mitms all the messages then they can re-encrypt using the users original/real public key, leaving the user unaware that they have been hacked and able to use encryption as normal, or am I missing something?