undefined | Better HN

0 pointscbhl10y ago0 comments

Have you heard of keybase.io?

They don't do Facebook, but you can tie a PGP key to various other public identities (Twitter, GitHub, HN, Reddit, etc.)

0 comments

bostik10y ago

I had heard about them but never had taken a good look. Now I did and choose not to deal with them. Some quotes from their website:

> certain crypto actions (signing and decrypting) are limited to users who store client-encrypted copies of their private keys on the server

No. Especially combined with the next one:

> On the website, all crypto is performed in JavaScript, in your browser. Some people have strong feelings about this, for good reason.

The second sentence sums it all up.

I think the service has been made with good intentions, but the pavement on the road to Hell...

cbhlOP10y ago

The keybase CLI allows you to keep the private keys offline on a machine of your choice, and does the crypto the "standard way" (shelling out to gpg):

https://keybase.io/docs/command_line

j / k navigate · click thread line to collapse