I am trying to develop a simple protocol for two users to verify (with respect to a trusted central authority) that they have (intentionally) met/communicated with each other.
My idea was this: Users own a (public, secret) key pair of any common asymmetric system, such as RSA. Their public key also serves as their identifier. In order for two people to confirm that they have had contact, they will both generate a random 256-bit number, share it with each other (in the intended application/use case, this is intended to happen only in person, not over distance) and then both individually, securely transmit (e.g. HTTPS) the concatenated number to a central authority, encrypted with their respective private keys. They will also transmit their respective public key/id to identify themselves to the central authority, which in turn can verify that both have sent the same message after decrypting with their respective public keys, which both proves their identity and their prior communication.
I realize that it lends itself to a man-in-the-middle attack where a middle-man could relay two persons' random numbers to each other, effectively faking a meeting between these two and not including himself. The real system in which I intend to use this would make this practically impossible, as both users have to message the CA in a very short time frame and users would typically share random codes only in person, where such a MITM attack would be obvious.
Edit: The main purpose is for the two users to prove their intentional communication/meeting. There is no incentive and no harm done in conspiring to confirm in this way a meeting that has only occurred remotely, as long as both parties are aware of this action.
With this said, is this a bad idea, and if so, why?