Open kschu opened 10 years ago
kschu
commented
10 years ago I did finally find a copy of the key fingerprint on-line. But I found it on a page where I really was not looking for the key fingerprint. 'https://keybase.io/__/command_line/keybase#our_key'
So this may not be such an urgent issue, but it is certainly something I suggest you put on your list. That key fingerprint needs to be much easier to find and more prominently posted.
malgorithms
commented
10 years ago Hi Ken, thanks for opening this issue.
I actually added that location after you opened the issue initially, in response to it. I also link to it in the explanation now on the installer page. (which I think you might've seen if it had been there when you first started looking.)
We have a couple other keys to post too, not just our code signing one. So we have to think about where those will go. Likely we'll have a prominent link in the footer of the site to some page which has all our keys.
Your "Keybase.io Code Signing (v1) code@keybase.io" GPG key fingerprint needs to be available in some obvious place on the keybase.io website. I have browsed much of your site looking for that fingerprint with no luck finding it.
At the very least you should have the fingerprint listed on the page at "https://keybase.io/__/command_line/keybase#installation".
It would also add to the key's trustworthiness if you added some well-connected signatures to the key.