Grant Ho: 1.Trust-on-first-use (TOFU) establishes trust by allowing to parties to exchange keys during their first interaction with each other; each of these parties can then bind/pin the other party's key to their purported identity for future interactions. This approach assumes that the first interaction is benign, so it is vulnerable to a MITM adversary who tampers with this first exchange. While it provides a number of usability and deployability benefits such as not requiring a service provider and easy enrollment, TOFU doesn't have an easy way to support key revocation and multiple keys per entity. 2. Authority-based Trust schemes allow one party to look up and verify another party's keys through a trusted authority (similar to CA's). Although this approach offers good usability and has widely deployed examples in practice (iMessage), it suffers from the standard weaknesses of a trusted KDC scheme. Namely, if any of the trusted authorities fail to properly verify that a key truly belongs to an entity, or if the trusted authority actively lies about a party's key, then scheme does not provide security against an attacker who corrupts or coerces the trusted authority/the trusted key directory.