[LCA2015-Chat] Keybase.io invites
Steve Walsh
steve at nerdvana.org.au
Wed Jan 14 21:23:01 EST 2015
On 01/14/2015 11:09 PM, Fraser Tweedale wrote:
> I view it as, and use it as:
>
> a) a directory of cryptographically strong assertions binding social
> network accounts to OpenPGP keys, and
>
> b) a convenient tool for generating such assertions
>
> The assertions themselves are not stored in keybase.io and are
> verifiable and meaningful on their own.
AIUI (and very happy to be corrected on this) the cli client will look
for the identifying posts on each proven identity (ie - it checks for a
particular twitter post, a particular post on your github profiles,
etc), and will notify the people following your verification status if
it changes, thus giving a solid time stamp at this which this identity
should stop being trusted, and at what point it can start being trusted
again (should you chose to do so).
The github identity, for example, provides a useful way for those who
sign code to confirm that the code submitted up to a certain point is
(for given values) certifiably from the person committing it, etc.
> Some people I spoke to expressed concern about keybase posessing or
> asking for one's private key. I either did not encounter or
> summarily ignored and subsequently forgot about any such aspect.
> Perhaps others could comment further.
I'm boarding the Nope train on that aspect of it.
More information about the Chat
mailing list