Quoting Tim Bray (2014-09-09 11:48:10) > On Tue, Sep 9, 2014 at 9:35 AM, Daniel Kahn Gillmor <[email protected]> > wrote: > > > > I'm afraid i don't understand the argument here. What is the use case > here? > > 0) something is published on twitter account "foo" and i want to know > to whom to attribute authorship. > > 1) i regularly communicate with "foo" on twitter, and i want to know > how to communicate with the author in other communications channels. > > > 2) You want to communicate with me, Tim Bray, and go looking for a key for > me. > You discover that there is a directory of keys, and you can retrieve a public > key from it, and the corresponding private key has been used to sign a > time-stamped tweet from @timbray and gist from github/timbray and an assertion > at tbray.org, and because you know who I am on Twitter and github and what my > personal domain is, and you can check the signatures, you are prepared to > believe that that public key is appropriate for communication with me.
Yes, but I don't have any way to audit twitter or github. As dkg is mentioning in his email you are putting them in the role of a CA without their consent. -- Ruben Pollan | http://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: http://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.
signature.asc
Description: signature
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
