@yarmo, As I provide escrow services for the Russian/Ukrainian part of the #crypto community, there are many scammers who pretend to be me in order to steal money from people, so I always encourage everyone to request a #PGP signature for some message to make sure it's me. 99.999% of people don't want to deal with PGP, install additional software, import my PGP key, etc.

In this case people need only to copy-paste my signed message here and press "Verify" button:

keybase.io/verify

@TheFuzzStone can we not put a verify button on our own website? Or would that be not trustworthy? I understand the advantage of keybase being easy for verification. But pgp existed before keybase, surely there must be other ways to achieve what they did.

@yarmo @TheFuzzStone

So what Keybase got absolutely right is

1) a trusted website
2) that holds PGP keys of many people
3) easy to use copy & paste user interface

@kravietz, not only does it "hold" the keys, it also needs the ability to verify the signature.

These are typical PGP servers, but they're difficult for beginners:

* pgp.mit.edu/
* keys.gnupg.net/
* keyserver.ubuntu.com/
* pgp.circl.lu/
pgp.key-server.io/

You can find my key there, but, if you want to check my sig - you need to install some PGP client, import my key, set up the level of trust (the most confusing moment for beginners) and then check the sig.

Follow

@TheFuzzStone

opmsg actually does just that including web-of-trust on top of BTC blockchain except for the nice web interface. Interesting challenge, need to think about it.

Β· Β· 0 Β· 0 Β· 1
Sign in to participate in the conversation
Mastodon πŸ” privacytools.io

Fast, secure and up-to-date instance. PrivacyTools provides knowledge and tools to protect your privacy against global mass surveillance.

Website: privacytools.io
Matrix Chat: chat.privacytools.io
Support us on OpenCollective, many contributions are tax deductible!