[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: keybase.io

Gunnar Wolf <gwolf@gwolf.org> writes:

> Urgh...

> Well, please enlighten me here: Without fully auditing the Javascript
> code you are using to do the crypto client-side, can you *really* be
> certain your private half has not travelled to Keybase?

If Javascript running in a browser has access to your GPG secret key
without you explicitly pasting it into the browser, I think you have
larger problems....

Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to: