[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] PGP and Signed Messages,



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

El 18/02/16 a las 18:32, Anthony Papillion escribió:
> What is stopping me from creating a fictitious key for you and then
> going and registering a Keybase account for that key, pretending to
> be you and listing all of your social media accounts as my own? Is
> there some sort of verification that happens?
> 

Yes, there is a verification process for each supported
account/website on Keybase.

For Twitter, it's a tweet with some verification ID.
For GitHub, it's a gist called keybase.md.
For Reddit, it's a post on https://www.reddit.com/r/KeybaseProofs.

For both last verification processes, it contains some code and a PGP
message.

> I'm not a Keybase user (I've been waiting for more than a year and
> a half, I believe for an invite from them)
> 

If you are still interested, I could send you one.
- -- 
Juan Miguel Navarro Martínez

GPG Keyfingerprint:
5A91 90D4 CF27 9D52 D62A
BC58 88E2 947F 9BC6 B3CF
-----BEGIN PGP SIGNATURE-----

iQEcBAEBCgAGBQJWx2L/AAoJECDeJXHIWzXQgNIH/3D6068lXfmC+yPnR13Bg/Nh
oxrKdntQcadRG2aw8GsCF/9jrjD38FCL4lEgR67bcfAzKxN1UEGhz8A1CogQkMaU
pUYv2x0kQJyLdMaj09UC0l65FgkuR9irOmXoepyhIGxxnoPGv41NZLtPXrMRA38W
3uL1kMA6QKbKtzeyv4RdgYRGVYgRNZW5KDmI+fsy1KURAgAB4Zbvb5V3h8KvN/8b
bbT4/XTYD5xxCDEYUfFdX6zZnD8JVUlwh7DGyM0H0T0rKp8GIm9NedMICrJpodln
GU9wBw2Qezv1dIa+Dm5Y6iNC0TXmcKf43j20O4NMzLDkntAIQDqW/aTOEpyuF1k=
=JY5O
-----END PGP SIGNATURE-----
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk