[messaging] twitter and github as key validators [was: Re: key validation rules for today]

Tim Bray tbray at textuality.com
Tue Sep 9 13:40:47 PDT 2014


On Tue, Sep 9, 2014 at 1:00 PM, Ruben Pollan <meskio at sindominio.net> wrote:

> > 2) You want to communicate with me, Tim Bray, and go looking for a key
> > for me. You discover that there is a directory of keys, and you can
> > retrieve a public key from it, and the corresponding private key has
> > been used to sign a time-stamped tweet from @timbray and gist from
> > github/timbray and an assertion at tbray.org, and because you know who
> > I am on Twitter and github and what my personal domain is, and you can
> > check the signatures, you are prepared to believe that that public key
> > is appropriate for communication with me.
>
> Yes, but I don't have any way to audit twitter or github. As dkg is
> mentioning in his email you are putting them in the role of a CA without
> their consent.
>

The role of a CA?!? Not in the slightest.  You are piggybacking on their
authent system using public-facing well-documented interfaces.  Confidence
in key ownership isn’t absolute, it’s statistical.  “Here is some evidence,
you can choose whether or not to be convinced.”  For my purposes, tying a
key to the ownership of this sort of public-facing account is practical and
useful evidence.  The nice thing about the system is that you don’t have to
trust the directory in the slightest, and you really only have to trust the
proof statements in aggregate.

I haven’t made up my mind about the actual keybase.io project yet (among
other things it’s unclear what they want to be) but the
directory-that-you-look-evidence-up-in-but-don’t-have-to-trust feels like
the only credible new thing in key discovery I’ve seen in a loooooong time.
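The verification step the thread is arguing about, as an added example that is not part of the original message and not keybase.io's code: an untrusted directory hands back a public key plus pointers to signed statements, and the verifier checks each statement against an identity it already knows and against what is actually published on that account, so a directory that swaps in a different key gains nothing. Ed25519, the statement wording, the service labels, and the `Services` map standing in for the HTTPS fetches from Twitter, GitHub and the personal domain are all assumptions made for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Proof is the directory's pointer to one piece of evidence: "the key's owner
// published a signed statement on this account". The statement text is NOT
// taken from the directory; the verifier fetches it from the service itself.
type Proof struct {
	Service string // hypothetical labels: "twitter", "github", "dns"
	Account string
	Sig     []byte // ed25519 signature over the published statement
}

// Entry is what the (untrusted) directory returns for a lookup.
type Entry struct {
	PublicKey ed25519.PublicKey
	Proofs    []Proof
}

// Services stands in for Twitter, GitHub and a personal domain: what is really
// visible at service/account. In practice each lookup is an HTTPS fetch.
type Services map[string]map[string]string

func fingerprint(pk ed25519.PublicKey) string {
	sum := sha256.Sum256(pk)
	return hex.EncodeToString(sum[:])
}

// expectedStatement is the canonical text a key owner publishes. Binding
// service, account and fingerprint into the signed text stops a proof from
// being reused for another key or another account.
func expectedStatement(service, account, fp string) string {
	return fmt.Sprintf("I am %s on %s; my key fingerprint is %s", account, service, fp)
}

// MakeProof is run by the key owner: it returns the text to post on the
// account and the proof record to hand to the directory.
func MakeProof(sk ed25519.PrivateKey, service, account string) (string, Proof) {
	fp := fingerprint(sk.Public().(ed25519.PublicKey))
	st := expectedStatement(service, account, fp)
	return st, Proof{Service: service, Account: account, Sig: ed25519.Sign(sk, []byte(st))}
}

// Evaluate returns the services whose proof held up. known is the verifier's
// own knowledge of who the person is on each service; live is what the
// verifier fetched from those services. Nothing from the directory is
// believed without being checked against one of those two.
func Evaluate(e Entry, known map[string]string, live Services) []string {
	var ok []string
	fp := fingerprint(e.PublicKey)
	for _, p := range e.Proofs {
		if known[p.Service] != p.Account {
			continue // proof for an account we do not recognise: not evidence
		}
		published := live[p.Service][p.Account]
		if published != expectedStatement(p.Service, p.Account, fp) {
			continue // account says nothing, or names a different key
		}
		if !ed25519.Verify(e.PublicKey, []byte(published), p.Sig) {
			continue // the directory's key cannot have produced this signature
		}
		ok = append(ok, p.Service)
	}
	return ok
}

// Scenario builds an honest key owner, an honest directory, and a directory
// that swapped in an attacker's key, and returns how many proofs each yields.
// The identities below are constructed for the example.
func Scenario() (honest, swapped int) {
	known := map[string]string{"twitter": "timbray", "github": "timbray", "dns": "tbray.org"}
	ownerPK, ownerSK, _ := ed25519.GenerateKey(rand.Reader)
	attackerPK, attackerSK, _ := ed25519.GenerateKey(rand.Reader)

	live := Services{}
	var proofs []Proof
	for svc, acct := range known {
		st, p := MakeProof(ownerSK, svc, acct)
		if live[svc] == nil {
			live[svc] = map[string]string{}
		}
		live[svc][acct] = st // the owner posts the statement on the real account
		proofs = append(proofs, p)
	}
	honest = len(Evaluate(Entry{PublicKey: ownerPK, Proofs: proofs}, known, live))

	// Malicious directory: attacker's key, with signatures the attacker made
	// over the statements it wishes were posted. The real accounts still carry
	// the owner's statements, naming the owner's fingerprint, so nothing checks out.
	var forged []Proof
	for svc, acct := range known {
		_, p := MakeProof(attackerSK, svc, acct)
		forged = append(forged, p)
	}
	swapped = len(Evaluate(Entry{PublicKey: attackerPK, Proofs: forged}, known, live))
	return honest, swapped
}

func main() {
	h, s := Scenario()
	fmt.Printf("honest directory: %d/3 proofs verified\n", h)
	fmt.Printf("key-swapping directory: %d/3 proofs verified\n", s)
}
```

The directory is only a place to look evidence up: the verifier's trust rests on its own knowledge of the accounts and on what those accounts actually publish, and how many verified proofs count as "enough" is left to the verifier, matching the "statistical, not absolute" framing above.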