eblanton
commented
10 years ago I think this is closely related to #127.
Open geofflane opened 10 years ago
eblanton
commented
10 years ago I think this is closely related to #127.
One of the ways to validate keys is to find that they've been signed by you or by people whose keys you already have. Keybase could also check the local GPG keys of the user as another source of authentication. (This might be better if there was a means to sign other user's keys and notify them that you've signed it to allow them to re-upload the newly signed key?)
e.g. ✔ public key fingerprint: C499 65E1 3128 AAD9 9589 F5EC 3DCE F7AC B68F D3B5 ✔ "geofflane" on twitter: https://twitter.com/geofflane/status/444532350815203328 ✔ "geofflane" on github: https://gist.github.com/9553100 ✔ "geofflane" is trusted by "someone else, and another someone"