On 11/02/2014 07:23 AM, Mark Atwood wrote:
I will also try to get more keybase.io invites, for those who want them.
keybase.io is a web service that provides an independently provable
binding between your social media and github identities, and your gpg
key.
I have been granted *many* invites from keybase.io for OpenStack
developers.
I have already sent an invite to everyone who already participated in
the keysigning party in Hong Kong and in Atlanta.
If anyone else wants an invite, do please approach me at the Summit in
Paris, or email me.
..m
--
Mark Atwood <[email protected]>
Mark Atwood <[email protected]>
_______________________________________________
OpenStack-dev mailing list
[email protected]
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Current problem: CLI requires a conflicting dependency with Fedora
packages Node.js libraries. I'll see if I can remove the conflicting files.
I like the idea of Keybase, but remember, it is really easy to do PKI
wrong. The cardinal rule of PKI is that the Private Key should never
leave your machine; ideally it would never leave a hardware security
module. It should certainly not be send to some remote machine for
management unless...well, unless you have the whole archival and storage
story straight.
So, do Keybase, but don't let it manage your private key. They don't
really want to, anyway.
_______________________________________________
OpenStack-dev mailing list
[email protected]
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
