Houston, we have a problem
Kristian Fiskerstrand
kristian.fiskerstrand at sumptuouscapital.com
Tue Sep 26 15:14:38 CEST 2017
On 09/26/2017 03:05 PM, Stefan Claas wrote:
> I'm no expert like all you guys, but my dream would be if Werner and his
> team could
> work together with the keybase team, so that we could have WKD support
> for keybase.
WKD is a good step in providing a mechanism for key discovery, but if
automatically considering such keys valid (either directly or through
TOFU-model) you reduce the security to security of X.509 root
certificate PKIX, which many users trusts implicitly already so it is a
good simplification in many cases. That said I fail to see where keybase
comes into the picture, maybe you can elaborate a bit on that?
--
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
"If you don't drive your business, you will be driven out of business"
(B. C. Forbes)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170926/31d89703/attachment.sig>
More information about the Gnupg-users
mailing list