by forgotmypw16 2242 days ago
I'm using OpenPGP.js for drop-in decentralized client-side authentication for my web-based message board.

This has several benefits, which include allowing technically savvy users to do their own key generation and message signing using whatever tools they prefer, using one of the most widely used encryption/signing standards in existence.

Meanwhile, non-technical users can create a new profile with literally one click and a couple of seconds of compute time on their device. They can then back up the key as a text file and use it on any compatible site.

I think that the potential of PGP has barely been grazed by Keybase, and there are many more applications than we've even hypothesized so far.

2 comments

You should definitely not be encouraging your users to give their private keys to js on other sites, that’s just as bad (or maybe worse) as encouraging them to reuse passwords.
That's a good point... Perhaps a better solution is for them to be able to sign the public keys from the other sites to connect their profiles that way.

Thank you for your feedback. I can see now how a malicious system operator could steal the user's private key by modifying the JS.

He's talking about giving their public key, not the private key that has to remain on the user's device(s) under all circumstances.
The private key is stored in localStorage, but this is not the user's "real" private key which they might use for email, but a temporary device key, which can then be vouched either by admin or by user.
I'm not understanding how this works, then. Are you using the user's private key to somehow derive temporary device keys?
Generate a PGP key using in-browser JS. Use that key submitted posts.

Then, later, sign either the file hashes or the public key itself using actual secure PGP. This is optional.

I'm not claiming any level of security, this is all mostly UI prototyping.

Sorry, what do you mean by "Use that key submitted posts"?
> encouraging your users to give their private keys

I read it twice and still can't find the place where this was mentioned to be the case.

I'm generating the keys in-browser for device-specific keys. I am not asking the users to provide their existing private keys, but I am storing the device keys in localStorage, because, where else?

The advanced users can then use their existing PGP keys to sign the device keys.

But this is not necessary in every environment, because in some situations, e.g. casual chat or internal boards, you don't need that kind of extended security, and temporary device keys, perhaps vouched by the operator, are sufficient.
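The device-key scheme described in the comments above (a key generated on the device signs posts, and a long-term key optionally signs the device public key), sketched as an added example that is not code from the thread or from the message board. It assumes Ed25519 keys from Node's `crypto` module as a stand-in for OpenPGP keys; the function names and the `device-key-vouch-v1:` prefix are hypothetical.

```javascript
// Added example. Ed25519 from Node's crypto module stands in for OpenPGP keys.
const crypto = require('node:crypto');

// Constructed label: keeps a vouch signature from being mistaken for a post signature.
const VOUCH_PREFIX = Buffer.from('device-key-vouch-v1:');

const newKeyPair = () => crypto.generateKeyPairSync('ed25519');

// Bytes the long-term key signs: prefix + DER-encoded device PUBLIC key.
function vouchBytes(devicePublicKey) {
  const der = devicePublicKey.export({ type: 'spki', format: 'der' });
  return Buffer.concat([VOUCH_PREFIX, der]);
}

// Device key (generated and kept on the device) signs each submitted post.
function signPost(devicePrivateKey, text) {
  return { text, sig: crypto.sign(null, Buffer.from(text, 'utf8'), devicePrivateKey) };
}

// Long-term key, held outside the site, signs only the device public key.
function vouch(longTermPrivateKey, devicePublicKey) {
  return crypto.sign(null, vouchBytes(devicePublicKey), longTermPrivateKey);
}

// Returns 'invalid', 'device-only' or 'vouched'.
function checkPost(post, devicePublicKey, longTermPublicKey, vouchSig) {
  const postOk = crypto.verify(null, Buffer.from(post.text, 'utf8'), devicePublicKey, post.sig);
  if (!postOk) return 'invalid';
  if (!longTermPublicKey || !vouchSig) return 'device-only';
  const vouchOk = crypto.verify(null, vouchBytes(devicePublicKey), longTermPublicKey, vouchSig);
  return vouchOk ? 'vouched' : 'device-only';
}

function demo() {
  const device = newKeyPair(), longTerm = newKeyPair(), stranger = newKeyPair();
  const post = signPost(device.privateKey, 'hello board');
  const v = vouch(longTerm.privateKey, device.publicKey);
  return {
    plain: checkPost(post, device.publicKey),
    vouched: checkPost(post, device.publicKey, longTerm.publicKey, v),
    wrongVoucher: checkPost(post, device.publicKey, stranger.publicKey, v),
    tampered: checkPost({ ...post, text: 'edited' }, device.publicKey, longTerm.publicKey, v),
  };
}
```

The long-term private key never appears in the site's code path: only its public half and the vouch signature are submitted, so a compromised page can expose the device key but not the key that vouches for it.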

That sounds really interesting, would you be willing to share a link to the message board so I can see what your account creation process looks like? The other most common place I've seen PGP used as an account identifier is in darknet markets, where users are warned to use a GPG binary from a trusted source and against whatever server-side system was built for ease of UX.

Related to the issue that swiley mentions, I'm not really sold that attributing the user to a string of digits is good UX, whereas I like how Keybase puts a distinction between identity and secrets.

A "Keybase proof" simply shows that at some point a singular identity had access to a multitude of accounts, but has no guarantees about the current account holders. This may seem like a negative, but shifting the responsibility onto account holders to protect their secrets is more reasonable than assigning the identity of an individual to a single, long-term secret [0] or dealing with key transition.

[0]: https://latacora.micro.blog/2019/07/16/the-pgp-problem.html#...

http://hike.qdb.us/profile.html

js required for key generation