At its core, it's just a keystore with some innovative verification features (face it: key signing parties weren't working). It has some optional sugar on top.
I do think it's a mistake for them to allow uploading your private key. They really shouldn't be encouraging private key promiscuity like that. Otherwise, I really like the service and hope it catches on.
No, and you also don't have to use its client software. You can (and I do) use the service solely by signing JSON documents locally and uploading the signature.
I do think it's a mistake for them to allow uploading your private key. They really shouldn't be encouraging private key promiscuity like that. Otherwise, I really like the service and hope it catches on.