[rk17]

Maybe. But just consider that GitHub popularized git among professional developers. I don't think it's the audience this initiative has to reach. Though it will certainly make crypto more accessible, I doubt that doing the analogous thing to github will give keybase the userbase that would most benefit from their services (less tech savvy people).

[edraferi]

Maybe not in this incarnation, but when they roll out an API it could be baked into all kinds of things.

For example, consider a multi-service contact managers like the Windows Phone People Hub or Contacts + on Android. They let you establish a database that represents people as collections of identities across various services. These services could add a feature that discovers public keys hosted with keybase.io for your contacts based on proofs offered by the identities you've already mapped to each contact. This could be presented as a simple "have key yes/no" indicator, and symbols showing which service-identity pairs have vouched for that key, as well as warnings if any of the identities have vouched for a DIFFERENT key.

Obviously client-to-client is always best, but you could extend this model to cloud services, even email. It could provide an organic authentication layer.

Now, you can argue that it's only as secure as your twitter / github / domain. Fine. But your twitter / github / domain ARE you on the internet. For most purposes, you're just "User X on Service Y". It can be useful to be able to prove that outside of Service Y. In addition, it's really valuable to be able to have multiple "proofs". An attacker would need to compromise four separate services to successfully spoof your identity (keybase, twitter, github, domain). That's not impossible, but it is hard and probably slow, especially if you're using two-factor authentication.

Finally, you can add additional out-of-band proofs. Hand-deliver a print out of your key to your associates, then they can pin that proof in the client and use keybase of on-the-fly verification, comparing everything to the key you provided them at your cypherpunk birthday party.

[rk17]

Nice counter-argument, with the concession that this is more like git than it is github. It might really put crypto on the radars of, and make it accessible to, the developers involved in these cloud services - which would be the equivalent of github. A jquery plugin that simply allows developers to include a verify-identity-feature, would actually go a lot further in bringing the rewards of crypto services to the larger audience, imho.

[Zigurd]

I think this is a fair criticism. However, if keybase is done right, it provides a place for consumer-facing email and storage services to do trust-able key exchange, using trust mechanisms embedded in services consumers already use.

With or without keybase, it is up to the major services to enable email and storage that uses public key encryption to secure it, and to do that with open source clients that can be verified.

[rk17]

So what crypto needs is an easy-to-use plugin for developers, so more end-users can take advantage of this software.