On Tue, 26 Sep 2017 15:14:38 +0200, Kristian Fiskerstrand wrote: > On 09/26/2017 03:05 PM, Stefan Claas wrote: > > I'm no expert like all you guys, but my dream would be if Werner > > and his team could > > work together with the keybase team, so that we could have WKD > > support for keybase. > > WKD is a good step in providing a mechanism for key discovery, but if > automatically considering such keys valid (either directly or through > TOFU-model) you reduce the security to security of X.509 root > certificate PKIX, which many users trusts implicitly already so it is > a good simplification in many cases. That said I fail to see where > keybase comes into the picture, maybe you can elaborate a bit on that? > Well, i can't fetch keys from keybase with GnuPG in the command line like i can do with traditional key servers. On keybase i am in full control of my pub key, so that nobody can add there unwanted signatures or a fake "sig3" to my pub key. I could not test WKD yet, but believe that the same rule applies there too, with protecting my pub key. If both, WKD and keybase could work as one unit GnuPG power users could fetch keys via CLI, as usual, or via their client software and users had the ability too to check also the keybase Web Interface for additional infos about a user, if they like to do so.
keybase current stats: Keys: 763,642 Humans: 180,431 Teams: 8,652 (new!) The figures should not be underestimated imho because i believe that keybase helps also the grow of GnuPG and is a nice addition for GnuPG users, me thinks. Regards Stefan -- https://www.behance.net/futagoza https://keybase.io/stefan_claas _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users