Hacker News new | past | comments | ask | show | jobs | submit login

For the distributed identity piece is there a good reason not to rely on keybase.io?

Also important that an initial smaller community would be targeted and that it would succeed there. FB did this will colleges, a federated one would in a world where FB already exists would have an even harder time.




> distributed identity piece is there a good reason not to rely on keybase.io

Depends on your definition of "distributed", I suppose


My impression was that keybase is distributed? Can it be used without talking to keybase's servers?


The Keybase server manages giving out usernames, and recording the proof URLs for users, and then your client hits the URLs, checks that the proofs are signed with the appropriate key, and caches them to watch for future discrepancies.

Keybase offers decentralized trust, in that the Keybase server can't lie to you about someone's keys -- your Keybase client will trust their public proofs and not the Keybase server -- but it's not a distributed/decentralized service as a whole, because you still receive hints from the server about where proofs live, and learn Keybase usernames from it.

(I work at Keybase.)


It looks like SSB is crying out for Keybase integration. Any plans for being able to add a SSB identity to my Keybase account?


Dunno! Would encourage SSB users to post the request to https://github.com/keybase/keybase-issues/issues/518.


Are you working on a fully decentralized architecture?


(Speaking personally, not sure what an official Keybase opinion would be.)

No, I don't think the tech is quite there yet. Even just handing out human-readable usernames requires blockchain-style consensus, and we don't have a blockchain being followed along by everyone's machines to adjudicate consensus requests (yet!).

The folks at Blockstack Labs are doing fine work in this area, though: https://blockstack.org/


Does keybase still upload the private PGP key to the keybase server by default? https://github.com/keybase/keybase-issues/issues/160


We're trying to move away from PGP to a per-device key model (keys never leave the client devices): https://keybase.io/blog/keybase-new-key-model


You did not answer my question, but I guess it does not matter with the new strategy. Looks like embrace-extend-extinguish to me – has it always been a goal of Keybase to replace PGP with something keybase-specific or did something change?


What the heck is keybase ? I went to the website and it does not offer a clue about what this is or how it works. It says "download the app" but is not an app. It says it's more than a website but does not seem to be distributed in any way.

The fact that it failed at the most basic thing of actually telling what it is about, what it does and how would be good reasons to not use keybase.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: