This is AWESOME!!
Here's how to join @wiktor's decentralized keybase replacement effort, using myself as an example.
Thank you so much, Wiktor! That’s all I ever wanted Keybase to do for me. And now there’s a way to do this, but decentralized. This is awesome.
I added Reddit and Mastodon…
And I set up Wiktor‘s web app, too. https://alexschroeder.ch/openpgp/#0xdf9446eb7b7846387ccc018bc78ca29bacecfeae
@trechnex Well, I never went to a key signing party and I never signed a key so as far as I'm concerned, that mechanism doesn't work. If you do believe in the web of trust, then you don't need keybase or an alternative because who cares about social media accounts when you have signed proof of identity checking, right?
It'd be kind of like the page-rank algorithm for PGP keys, but would need some thought so you didn't have the equivalent of "SEO" types gaming the system.
@trechnex @kensanata @wiktor would this imply you can't ax an old key, and have to keep it safe and secure forever, or are you imagining some other vector? such as, someone verifying two or more of your social selfs as being connected? more or less independent of your PGP key, which is only the carrier of the information
If the system is going to last longer than five minutes, it probably needs a mechanism for lost keys to be revoked and replaced. So my best guess is trusting the creator of the keys and where you're verifying them rather than the keys themselves.
1: i sign your key because I'm drunk and it's fun
2: i sign your key because i verified your passport and trust that
½: i sign your key because i believe in the Web of Trust
and why i gave up on it:
1: i stopped having fun AND drinking
2: i'm not a cop
½: 1 & 2 made me stop believing in this
Cool! I will share your article with people that want to see how to add social proofs step by step. Thanks for writing it!
Maybe at the bottom you can add a note to publish the key because it may trip some people (proofs are not visible on the web page if they’re not on the key server).
I see on the screenshot that you have this User ID on your key: Alex Schroeder <firstname.lastname@example.org> if you want to you can also put your key on your own domain via Web Key Directory: https://metacode.biz/openpgp/web-key-directory so you wouldn’t have to use keyservers (keys.openpgp.org is fine with me btw :)).
See you! 👋
@kensanata How to pin someone else’s post
@kensanata Oh also! Could we figure out a way to verify your Discord user using a special server and the widget/embed API, and you post your proof in that channel?
@blake that sounds like a lot of work… maybe ask Wiktor?
@kensanata He’s probably the guy to ask, yep
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!