@nikolal OK it looks like keyoxide can validate more proofs, including XMPP?

Show thread

@supernova You can setup your own WKD server on VPS, and everyone can pull your PGP key from it. Purpose of WKD is decentralized keyservers. You can read how to add proofs here:
metacode.biz/openpgp/proofs

@supernova Yes, they are very similar, you could ask @yarmo for more details. I'm kinda promoting both

@supernova @nikolal very similar indeed! Metacode.biz was the OG proof verification site. With the help of its dev, I built #keyoxide and added proofs. Eventually the new proofs will also be added to metacode.biz so that hopefully in the end, both can do the same tricks! #decentralization FTW

@yarmo @nikolal
keyoxide.org/9D18CA1BBF1BEF08E
How do I add an avatar?
I'm having some trouble getting the "About" to save in my vcard in Gajim. But I made progress with other proofs.

@supernova @nikolal nice with the xmpp progress! An avatar (there should be a guide for this…) is fetched only from gravatar for the moment.

@yarmo @nikolal @wiktor
OK I got the avatar and xmpp figured out. The problem saving the xmpp profile About is actually an issue with that particular xmpp provider I have been using. It worked fine with another backup account I had. So I decided to just get a new account at snopyta.org, I've been eyeing getting one there for some of their other services as well. I added my keyoxide link to my Masto profile as well.

@yarmo @nikolal @wiktor
Oh also following the xmpp guide I used Gajim to modify my profile About and then Conversations to get the OMEMO URI for a full verification of the key by keyoxide. Which is fine, I don't mind having the account on multiple devices. However I believe this does mean that only my Conversations key will be verified, the Gajom key won't be (even though it's tied the the same account as a verified key)? Is there a way to get the Gajim key URI?

@supernova @nikolal @wiktor You are right! I did find a way which I will add to the guide, I'm just hoping that there's a simpler one!

I opened the XML console and sent a message to some contact, doesn't matter. In the XML console, after some searching, you'll find a "device-id" header, that's the first of the two numbers needed for the proof. The second is just the fingerprint which is easily obtained (lock icon)

Yep! Basically what Yarmo said.

Both are based on the same underlying protocol so they’re 100% compatible. Actually if someone else wants to write another proof verifier (for Android? iOS?) we’re open!

And yeah — this is what decentralization is really about — no vendor lock-in, just a bunch of parties working together to create something bigger. Just look at Keyoxide — it already supports more proofs than Keybase did and there is no “we need to approve your Mastodon instance and it need to have more than X users” like Keybase had.

Sign in to participate in the conversation
Mastodon 🔐 privacytools.io

Fast, secure and up-to-date instance. PrivacyTools provides knowledge and tools to protect your privacy against global mass surveillance.

Website: privacytools.io
Matrix Chat: chat.privacytools.io
Support us on OpenCollective, many contributions are tax deductible!