<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">On Sep 9, 2014, at 2:09 PM, Tao Effect <<a href="mailto:contact@taoeffect.com">contact@taoeffect.com</a>> wrote:<div><blockquote type="cite"><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">The lookup would proceed to those services, to which the keys are not pinned, so the scope widens a bit again, just enough to include the Five Eyes, the host companies themselves (twitter and github), and anyone who hacked them.</div></div></div></div></blockquote><div><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">[..]</div><div class="gmail_quote"><blockquote type="cite"><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">- For maybe <1%, it could provide false answers.</div></div></div></div></blockquote><div><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><br></div></div></div></div></div></div><div class="gmail_quote">Oops, correction: if keybase pins their cert (and it's not compromised), then it would be able to detect false answers from twitter and github (even if they were compromised).</div><div class="gmail_quote"><br></div><div class="gmail_quote">The downside of a centralized service, however, is that it then becomes a single point of failure, and the incentive for malicious entities to attack it becomes greater.</div></div></div></div></div><div apple-content-edited="true">
<br class="Apple-interchange-newline"><span style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; display: inline !important; float: none;">--</span><br style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px;"><div style="orphans: auto; widows: auto;"><span style="orphans: 2; widows: 2;">Please do not email me anything that you are not comfortable also sharing</span><span style="orphans: 2; widows: 2;"> with the NSA.</span></div></div><br></div></body></html>