Open rgardner opened 8 years ago
hmm, I think this is correct with a minor clarification...
"maria" has access to the private key that corresponds to the public key in step 1, since only the holder of the private key can generate that signed statement, and only "maria" can post it on keybase, and only "maria2929" can post it on twitter. This ties them all together.
Perhaps I should change this:
(3) the private key referenced back in step 1.
to:
(3) the private key that matches the public key referenced back in step 1.
what do you think? I'm a bit worried about the writing getting too dense, so a more concise alternative would be better.
I prefer your change to the original, but agree with the goal of keeping it concise.
Maybe one of these?
(3) the private key matching the public key referenced back in step 1.
(3) the public/private key pair referenced back in step 1.
What surprised me was that the private key was not explicitly mentioned back in step 1 ("wait, was the private key in the JSON object? That doesn't seem right.") The public key was the thing being referenced in step 1.
Step 2: the computer review
(emphasis mine)
This should be public key, right?
The JSON object in step 1 says the following
keybase_username
has thispublic_key
,twitter_username
, andtwitter_proof
. I get that "maria" should have the private key corresponding to that public key, but isn't that too strong a statement?