Russ Allbery dijo [Fri, Apr 04, 2014 at 04:23:03PM -0700]: > > Well, please enlighten me here: Without fully auditing the Javascript > > code you are using to do the crypto client-side, can you *really* be > > certain your private half has not travelled to Keybase? > > If Javascript running in a browser has access to your GPG secret key > without you explicitly pasting it into the browser, I think you have > larger problems....
Right. However, I guess that most uses of the app (other than sending a message saying "yes I'm here, this is me") will require pasting the key. Or not? Keybase users, please enlighten me: What do you do with it besides just existing on teh graph? -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140405025649.gb86...@gwolf.org
