![]() ![]() Keybase is not a trusted man-in-the-middle here, and no one else has keys. She decrypts the key, gaining access to the file. My app will check the signed statement from myself, check her tweet, make sure the proof is valid, and then send the decryption keys to her, encrypted for her device keys. When she someday establishes keys, and cryptographically proves her Twitter account, the Keybase servers will ping my apps and ask for me to make available the decryption key to her. In my above example, I've signed for myself a statement that I want Twitter user to have access, and I've asked the Keybase servers to let me know when she joins. You then encrypt a message for this key, and you also sign a statement for yourself, an assertion of who else should be allowed to have access to the key. The app generates a shared key for you and them. How does Keybase encrypt for a Twitter, GitHub, or Reddit user? “Screw backwards compatibility”- Matthew Green on PGP I give up. kiXxI0Cp4MBEQrs K7GWOZokzAqUGLq G3z8DArNvwA9cuG RVJQ4oZ8a6kmgd3 qqpCRVDtcqxZ2HW ZuSRwpJHGly1PV2 UeACoSpQTEhhd8w Sf5K7J1uW4txICM ZXH0S8QgWuOFCev 6vd2DBaUElYOGkw HtDeSrFbcqRsGAk Fa6AAS9EbdnBGB0 M92pqihmApoXGAQ HF0lPlskl91JF3J Q44wooGKAeFs87D lNNsUumFKgr3X1J ADqXdKxmDXPQi2u HWnJ9FCzbLG7LEd oN4E9nUMG2LurUG QPlkgeX3Y14PWb1 ESdmRVboDAxZfzN yuLP9Qpwwkzr0Vu fnuZyGkFr5Y82p3 zUEXZKFaUBEszNQ eKiDwtGtaEepDQ5 6X5CTYP0AShbSZl QB8RHZPbBL1ZZYR MPScK3A2qzdF67n DSohKN3y45vcdbX tTCK4LmjniGQoN1 5LyHNuHIlzX5Ovo mNm2Jfa0tM8GyHV NOs464JZ90rw70M gpwb1JnqIA1uAgS wQahJrPi80HLIVV Pku3rWpnEMKDp5m BC8BpVeP41f3b6N ysxn2S4KWoO5Fjo z9yebEzmdcvhn5p JQvqw708tElqB7p qoe02a3Hfq3i943 bmecQQb1h27bihx hMyYXDIExNOU0cq 1jC3jXCRKChv1O2 fSD2Xaw5JPcOeXZ uzilSlhHWgRtqqD weeBa26EMOQwIn2 eDu6ynC5qAr5ixS GXJ4T822jK2AZbs 6MuH1NgbBFTs8KA JlGkePbMpWXpMaJ 4jZTGvF1kJUtygJ WHBhy9z2PPxO9dT 3OLLZhMNDMU71dO 1T88eWSVJaah5Qx nkMZBlzHVMa5gNA fYg3WTXDdWeIteb L5cDQDFSyRN138H V2QKlEItOiWJ47z IVbWBKqRPTx1iuB 2pw2V7fSS0rlV6m j1kF7E2yRPcShOc sxSySzXEMeK3gVD PrVaVw8RhCkQlO2 8dWzaGaLkeoj9RL 77QD78IyKQp4ekS ZVnhBtghDZqWBqf b9LFzjdkLp6A2Iz CPZTWlbUrW0TD7K YEFb3uh4314nl1i 4Oa7cyAaKjFhX2z FcUomXmCclZs8kP 圆AvKhjuUD7LQJD fPFytzrHauHfbOL jyAO7FsFZoMJ6D3 LI2P6lmESsg0Hs8 ztuILDKY5YoKYNM ONje3RnzMcNjHpu ZQUo3SahMGqeFGR XUmvuH0qg7ww4EX uKrO3pwb8Sr4JEr cWkHgmYNpgLat7E ilwQoW038jsawm2 io1NWp2tS7vYPLo rjNu05StOQeLk04 12zlqNAkUzdgk21 GuvUo8l3ZKgpkTe lepVI4yeYRmFnNJ ksVgfegtmcNEyrU 6LB7CMkdJgpANyw Leb2KViZfMxjLPu bPxMrJhrhMBxcVF AepDEV07RCV6XbL xMtWdDBB2mYyPm3 Hhx0m4DR2XPws5E WgvHyBsl39Gu4Nz wGcyvsed594aqYA WiixSR8LhgACJCQ tDJitJYPpaAAEBX 4MFpuCuB5daZkJL Kq1MFYDIDy7Iunj O0myxh6qa66T4eS nJcP63aTZ3nQ8q8 81HZd9ojPMB4gnF VLejO8BQi8fvNog VipjGzC98PSnOZj A0y6R1. I just wrote the following message for Twitter user I simply typed her Twitter handle into the Keybase app and it worked.īEGIN KEYBASE SALTPACK ENCRYPTED MESSAGE. You can safely use Keybase's encryption for backups and similar purposes. The process of adding a device includes a step to ensure this works. They are not backed up to iCloud or Google.Īnd yet, here's the magic: when you encrypt a file in the Keybase app, it will be available for your-or recipients'- future devices too. Your work computer, your home computer, and your phone all have their own keys, which never leave them. Each of your installs gets its own private device key. With Keybase, you simply bring 2 devices together to provision the new one. How high, we asked, must we pin the goat entrails. How do we summon the private key from one device to another? Or shall we make a new key and somehow sign it? How many bits in this new key, we wondered. Recall getting a new computer in the olden PGP days. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |