[messaging] twitter and github as key validators [was: Re: key validation rules for today]
mike at plan99.net
Mon Oct 13 11:59:30 PDT 2014
I'm just replying to ensure people see your message, which was spamfoldered
by Gmail. Yahoo and mailman don't mix these days because Yahoo has a strict
DMARC policy and mailman breaks email signatures (oh the irony).
On Thu, Sep 18, 2014 at 6:52 PM, KB Sriram <mail_kb at yahoo.com> wrote:
> Would adding the profile url as a uid on the key (in addition to
> publishing the fingerprint on the corresponding social media site)
> permit better corroborative evidence that the same person controls the
> key as well as the social media account?
> A client could then search keys by profile url, and select keys with
> the profile on the key as well as a matching fingerprint on the
> profile web site. It can run entirely on the client using existing
> keyservers and social profile web sites, and doesn't rely on a new
> I've created a small client tool that does just this at
> It isn't solo key validation by any means, but it is simple and would
> provide similar corroborative profile evidence that keybase.io offers
> [ie, someone who controls key K can publish to social account S]
> but without the complication of a separate service.
> This technique also has some handy secondary effects:
> - People can find your key by your social profile using existing (and
> distributed) keyservers.
> - Should you want, it's an easy way to consolidate your social
> personas via the key.
> Messaging mailing list
> Messaging at moderncrypto.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Messaging