[messaging] key validation rules for today

Tim Bray tbray at textuality.com
Tue Sep 9 09:05:35 PDT 2014

On Mon, Sep 8, 2014 at 5:17 PM, Tom Ritter <tom at ritter.vg> wrote:

> If you're going to enumerate nuances of key authenticity, I think
> there's more. Some nuances that, to me, upgrade the authenticity of a
> key.
>  - If I receive the key over an anonymous channel vs a bound channel.
> (e.g. Tor vs Internet)

​[since I’m the the guy who keeps bringing up the keybase approach]​
- If there's a publicly-accessible tweet or github gist verifiably signed
by the private key associated with the public key, and you’re pretty ​sure
you know who controls those Twitter/github accounts.

[Trevor helped me with a message bounce and said this group hadn’t really
kicked keybase around yet, so I’ll separately do a quick overview].​
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140909/f06ed4bc/attachment.html>

More information about the Messaging mailing list