|
|
|
|
|
|
by ygjb-dupe
3670 days ago
|
|
|
Uh, sure. But TBH, if I am going to go through the trouble of MITM'ing the site, then I am going to rewrite the site to: * include my awesome fingerprint * link to my awesome key * link to my l33t entry on keybase Side note - the CA model has issues, but in what world is pointing users to a VC funded startup that has only been around for two years "safer" than the flawed, but well understood security model of the CA system? I don't mean to impugn Keybase, from watching them I like what they are doing, but bootstrapping trust based on content they control is hardly ideal, and I would be shocked to hear someone say that Keybase is more reliable or more trustworthy than the CA/Browser Forum (10 years old) and the browser vendors (>20 years old depending on vendor/code base). |
|
|