[messaging] twitter and github as key validators [was: Re: key validation rules for today]

Tony Arcieri bascule at gmail.com
Tue Sep 9 14:35:27 PDT 2014

On Tue, Sep 9, 2014 at 2:18 PM, Daniel Kahn Gillmor <dkg at fifthhorseman.net>

> I'm not convinced that's what is novel about keybase.io, but i do think
> it's tricky to put your finger on what exactly keybase.io is offering
> that people find appealing.

I'm confused as well. Perhaps it's simply their visual design.

I think Keybase is in some sort of uncanny valley where it makes the PGP
experience prettier but not necessarily that much easier, especially for
novice users. As soon as you ask people to download and install a
command-line utility you've just lost most of the human population.

That said, the UX of existing keyservers is horrendous. For technical
users, I think Keybase does improve aspects of keyserver UX.

This is, again, why I'm more excited about systems in which a user's
service provider publishes keys on their behalf, provided there are checks
in place to help people detect if the key directory is being dishonest
about their key. These systems seem like they can be mostly transparent for
your average, non-technical user, which is the main thing I think is needed
right now.

Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140909/ff5c31c3/attachment.html>

More information about the Messaging mailing list