Open sufianrhazi opened 9 years ago
+1
Related: keybase/keybase-issues#1229
@malgorithms:
The debate on whether it's "severe danger" to symmetrically-encrypt an asymmetric private key, and store remotely, has been debated a bunch already. We disagree that it's such a danger, and a far bigger danger is a world where average users don't get PKI.
I'm not in disagreement with that at all. This change just means that uploading your private key to the server is not the default if you have generated your own locally, or are using an existing key. Lay users are likely to generate their keys on the keybase.io website anyway, where they are automatically opted in to this storage. It seems like a bigger UX problem to accidentally & irrevocably upload an advanced user's key than to not upload one for a naive user (who could then perform that step again).
I strongly agree with @danielmendel. I trust Keybase as much as I trust anyone, but the idea that I might be one misstep away from uploading my private key somewhere keeps me awake at night.
Private keys (even when encrypted) are sensitive pieces of information. To promote better security practices, the default probably shouldn't be to trust anyone (even Keybase) with them.