Hi @rob@fosstodon.org,

I'm not aware of a single drop-in-replacement for 🤔 Here are some ideas:

💬 End-to-end-encrypted chat
- /
- with OMEMO encryption

🔒 Encrypted Storage
-
- maybe for some use cases

🔗 Linking keys to accounts
- Sorry, I'm inexperienced here 😅
- for PGP keys: Public PGP key servers
- for Mastodon: profile link to website with key infos + "rel=me" link

Gonna share your post for more feedback on this 🙂

@switchingsoftware @rob For OpenPGP keys, I recommend using WKD. When you own a domain, that's definitely the perfect way to go.

Otherwise you might want to reach out to @wiktor about his work on OpenPGP key based verification of accounts :)

@sheogorath @switchingsoftware @rob @wiktor definitely use WKD rather than the keyservers. The keyservers are a dumpster fire.

@sheogorath @switchingsoftware @rob @wiktor @hoptank Thanks, that's useful. It's a little annoying that the author used the term "certificates" (which is SSL jargon). We say "public key" & "private key" when discussing #PGP. Anyway, glad to know about key poisoning, and why I've been unable to get old keys removed from keyservers.

@aktivismoEstasMiaLuo

Certificate is a very regular term, it just happens to be mostly known from x509, because it's the most common use case in e.g. TLS. But we also have non-x509 certificates for SSH or, as you noticed, OpenPGP. A certificate is basically a public key signed by another private key which attests its validity. Therefore certificate is a universal term but NOT THE SAME THING as a public key.

@switchingsoftware @rob @wiktor @hoptank
