On Fri, Apr 04, 2014 at 05:26:40PM -0400, Paul Tagliamonte wrote: > On Fri, Apr 04, 2014 at 03:24:27PM -0600, Gunnar Wolf wrote: > > Right, I strongly agree with Luca here. > > I do too Likewise. > > To be clear, if I spot any key > > that's both in any of the Debian keyrings and in keybase.io, I will > > proceed as if the key had been lost or compromised and immediately > > remove it from our keyring. > > No, sorry. Don't do that. My key is on keybase, but *not the private > half* Likewise. I have signed up to keybase.io largely to kick the tires and see what I make of it. I will absolutely not be trusting any third party with the private half of my key on their servers, even if it's passphrase protected and the crypto carried out at the client side. J. -- Revd Jonathan McDowell, ULC | You non-conformists are all alike.
Description: Digital signature