by rakoo 2619 days ago
You _can_ do it but you would be the only one doing it, and as such it would provide little value because no one wants to do this manual dance and if you're such a minority then there will be no automated way to do it.

Keybase provides an (open!) protocol, along with (open source!) tools to do what you describe and then some (a lot of crypto stuff is needed, for instance). You can probably fork the Keybase client and have your own hub at notkeybase.founderling.io if you want, so you can implement your very own idea if you so desire, and that would even be an interesting addition to the open web.

Also, you might have missed it, but identity providers do not need to "apply" for Keybase integration anymore: _any_ service can provide identity and link up with Keybase without asking first (https://keybase.io/docs/proof_integration_guide). It doesn't even have to be a web service, so if they want, any email provider can do it (although the whole linking thing would be through HTTP).

1 comments

Technically you don't need to ask first, but you still need to tell Keybase directly that you support their proof integration protocol in order to be supported from their side of the connection. Not so much a "please let me in" but rather "I'm ready to rock".
Linking has to go both ways; it makes sense for the hub to vouch for it. Otherwise you have the same situation as the CAs without CTs: i.e., A can vouch for me, but I can't really vouch for this vouching, so another malicious B can vouch for a fake me.