<div dir="ltr"><div class="gmail_default" style="font-size:small">On Mon, Sep 8, 2014 at 5:17 PM, Tom Ritter <span dir="ltr"><<a href="mailto:tom@ritter.vg" target="_blank">tom@ritter.vg</a>></span> wrote:<br></div><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">If you're going to enumerate nuances of key authenticity, I think<br>
there's more. Some nuances that, to me, upgrade the authenticity of a<br>
key.<br>
- If I receive the key over an anonymous channel vs a bound channel.<br>
(e.g. Tor vs Internet)<br></blockquote><div><br></div><div><div class="gmail_default" style="font-size:small">[since I’m the the guy who keeps bringing up the keybase approach]</div><div class="gmail_default" style="font-size:small"></div></div><div><span style="font-family:arial,sans-serif">- If there's a publicly-accessible tweet or github gist verifiably signed by the private key associated with the public key, and you’re pretty sure you know who controls those Twitter/github accounts.<div class="gmail_default" style="font-size:small;display:inline"></div></span></div><div><span style="font-family:arial,sans-serif"><div class="gmail_default" style="font-size:small;display:inline"><br></div></span></div><div><span style="font-family:arial,sans-serif"><div class="gmail_default" style="font-size:small;display:inline">[Trevor helped me with a message bounce and said this group hadn’t really kicked keybase around yet, so I’ll separately do a quick overview].</div></span><br></div><div><span style="font-family:arial,sans-serif"><br></span></div><div><br></div></div>
</div></div>