On 09/26/2017 03:05 PM, Stefan Claas wrote: > I'm no expert like all you guys, but my dream would be if Werner and his > team could > work together with the keybase team, so that we could have WKD support > for keybase.
WKD is a good step in providing a mechanism for key discovery, but if automatically considering such keys valid (either directly or through TOFU-model) you reduce the security to security of X.509 root certificate PKIX, which many users trusts implicitly already so it is a good simplification in many cases. That said I fail to see where keybase comes into the picture, maybe you can elaborate a bit on that? -- ---------------------------- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk ---------------------------- Public OpenPGP keyblock at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 ---------------------------- "If you don't drive your business, you will be driven out of business" (B. C. Forbes)
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
