• rezifon@lemmy.world
    link
    fedilink
    arrow-up
    7
    ·
    edit-2
    7 months ago

    This looks like an attempt to reproduce the web-of-trust functions provided by Keybase.io. Keybase has historically been a great resource that fills the same role as the PGP/GnuPG web of trust for a much broader range of identity attestations.

    An open implementation of this concept has been sorely needed since Keybase got bought and shitcanned by Zoom during the COVID lockdown. Zoom wanted to aqui-hire all the Keybase devs to boost development on their lacking encryption and security. Sadly, Keybase has basically been abandonware since then.

  • 4am
    link
    fedilink
    arrow-up
    6
    ·
    7 months ago

    Seems to me like this is stepping up to fill the spot that was left by Keybase

  • barbara@lemmy.ml
    link
    fedilink
    arrow-up
    4
    ·
    7 months ago

    It’s very complicated. Maybe the tutorials aren’t good enough (for me). It’s nice to have a site listing your various accounts. I proved mastodon and linked matrix but that’s it. At this state, not worth the trouble (for me)

  • taladar@sh.itjust.works
    link
    fedilink
    arrow-up
    3
    arrow-down
    1
    ·
    7 months ago

    It seems completely pointless to be honest.

    Who are you going to prove your cryptographic identity to? Why not just use that same (pretty flimsy) verification method they use directly with that person?

    • PoorPocketsMcNewHold@lemmy.ml
      link
      fedilink
      arrow-up
      2
      ·
      7 months ago

      What is that “(pretty flimsy) verification method” you are referring to ? Keyoxide is basically a web-interface (and accompanying tutorials) for PGP/ASP proofs. If you and your colleage know how, it’s not for you. I do think having a “web-PGP” passport page is easier to share, especially for just non-techy people.

      • taladar@sh.itjust.works
        link
        fedilink
        arrow-up
        1
        ·
        7 months ago

        I mean the whole “put something in your profile/in a post” part that is pretty flimsy.

        Also, non-techy people will not be able to use PGP at all, much less anything building on it that requires understanding of the trust relationships. Hell, even in a tech company we are having a hard time getting people to generate keys every couple of years.

  • devfuuu@lemmy.world
    link
    fedilink
    arrow-up
    2
    ·
    7 months ago

    It’s cool, needs some more work and eventually integrations with it. It’s nice to have an alternative to keybase but the things around keybase still need to be created.