Preston Maness ☭<p><span class="h-card" translate="no"><a href="https://mastodon.ml/@Xeniax" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Xeniax</span></a></span> Totally nerdsniped :D I'd love to be a part of the study.</p><p>I don't think that <a href="https://tenforward.social/tags/KeyServers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KeyServers</span></a> are dead. I think they evolved into Verifying Key Servers (VKS), like the one run by a few folks from the OpenPGP ecosystem at <a href="https://keys.openpgp.org/about" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">keys.openpgp.org/about</span><span class="invisible"></span></a> . More generally, I believe that <a href="https://tenforward.social/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a> / <a href="https://tenforward.social/tags/GPG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GPG</span></a> / <a href="https://tenforward.social/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenPGP</span></a> retains important use-cases where accountability is prioritized, as contrasted with ecosystems (like <a href="https://tenforward.social/tags/Matrix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Matrix</span></a>, <a href="https://tenforward.social/tags/SignalMessenger" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SignalMessenger</span></a>) where deniability (and Perfect Forward Secrecy generally) is prioritized. Further, PGP can still serve to bootstrap those other ecosystems by way of signature notations (see the <a href="https://tenforward.social/tags/KeyOxide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KeyOxide</span></a> project).</p><p>Ultimately, the needs of asynchronous and synchronous cryptographic systems are, at certain design points, mutually exclusive (in my amateur estimation, anyway). I don't think that implies that email encryption is somehow a dead-end or pointless. Email merely, by virtue of being an asynchronous protocol, cannot meaningfully offer PFS (or can it? Some smart people over at crypto.stackexchange.com seem to think there might be papers floating around that can get at it: <a href="https://crypto.stackexchange.com/questions/9268/is-asynchronous-perfect-forward-secrecy-possible" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">crypto.stackexchange.com/quest</span><span class="invisible">ions/9268/is-asynchronous-perfect-forward-secrecy-possible</span></a>).</p><p>To me, the killer feature of PGP is actually not encryption per se. It's certification, signatures, and authentication/authorization. I'm more concerned with "so-and-so definitely said/attested to this" than "i need to keep what so-and-so said strictly private/confidential forever and ever." What smaller countries like Croatia have done with <a href="https://tenforward.social/tags/PKI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PKI</span></a> leaves me green with envy.</p>
Recent searches
No recent searches
Search options
Only available when logged in.
fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software.
If you wish to join, contact us for an invite.
Administered by:
Server stats:
10Kactive users
fosstodon.org: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#keyoxide
2 posts · 2 participants · 1 post today
Anthony Sorace<p>Anyone here ever used the <a href="https://pdx.social/tags/keyoxide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keyoxide</span></a> iOS app? How do you get your private key for a profile you create in it?</p>
Dan ⁂<p><a href="https://beoriginal.social/tags/keyoxide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keyoxide</span></a> looks like a nice useful tool - any true benefits over a normal website? <a href="https://keyoxide.org" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">keyoxide.org</span><span class="invisible"></span></a></p>
W3Teal<p>Flawless verification 😌<br /><a href="https://keyoxide.org/aspe:keyoxide.org:YM7J2J5UIVYRWSHRSOTYFYJ2HQ" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">keyoxide.org/aspe:keyoxide.org</span><span class="invisible">:YM7J2J5UIVYRWSHRSOTYFYJ2HQ</span></a><br /><a href="https://fosstodon.org/tags/keyoxide" class="mention hashtag" rel="tag">#<span>keyoxide</span></a> <a href="https://fosstodon.org/tags/verification" class="mention hashtag" rel="tag">#<span>verification</span></a> <a href="https://fosstodon.org/tags/links" class="mention hashtag" rel="tag">#<span>links</span></a></p>
chimbosonic<p>Introducing WKD Tester – a free, open-source tool for testing OpenPGP Web Key Directory implementations! I built it to help out with the Keyoxide project, making it easier to generate lookup URIs and discover keys on the fly. Check it out at <a href="https://wkd.chimbosonic.com" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="">wkd.chimbosonic.com</span><span class="invisible"></span></a>.</p><p><a href="https://fosstodon.org/tags/OpenPGP" class="mention hashtag" rel="tag">#<span>OpenPGP</span></a> <a href="https://fosstodon.org/tags/WKD" class="mention hashtag" rel="tag">#<span>WKD</span></a> <a href="https://fosstodon.org/tags/opensource" class="mention hashtag" rel="tag">#<span>opensource</span></a> <a href="https://fosstodon.org/tags/cybersecurity" class="mention hashtag" rel="tag">#<span>cybersecurity</span></a> <a href="https://fosstodon.org/tags/Keyoxide" class="mention hashtag" rel="tag">#<span>Keyoxide</span></a></p>
chimbosonic<p>Hoping to meet fans of <a href="https://fosstodon.org/tags/Keyoxide" class="mention hashtag" rel="tag">#<span>Keyoxide</span></a> and catchup with some of its maintainers at <a href="https://fosstodon.org/tags/FOSDEM" class="mention hashtag" rel="tag">#<span>FOSDEM</span></a>. If you want an awesome <a href="https://fosstodon.org/tags/3DPrinted" class="mention hashtag" rel="tag">#<span>3DPrinted</span></a> <a href="https://fosstodon.org/tags/Keyoxide" class="mention hashtag" rel="tag">#<span>Keyoxide</span></a> MakerChip hit me up!</p>
Preston Maness ☭<p><a href="https://tenforward.social/tags/gpg" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>gpg</span></a> key expirations have been updated for another two-year bump. I also removed <a href="https://tenforward.social/tags/twitter" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>twitter</span></a> / X signature notation (I've deleted my account there), and added a bunch of other signature notations for other places I am online. It's making my <a href="https://tenforward.social/tags/keyoxide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keyoxide</span></a> page look dirty, but I intend to try and add support for as many of these as possible in the next few months.</p><p>Also, I updated my <a href="https://tenforward.social/tags/tails" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tails</span></a> <a href="https://tenforward.social/tags/TailsOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TailsOS</span></a> installation while I was at it. I do most of my GPG key work from that environment.</p><p><a href="https://tenforward.social/tags/pgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pgp</span></a> <a href="https://tenforward.social/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenPGP</span></a></p>
Preston Maness ☭<p><span class="h-card" translate="no"><a href="https://fedi.hyperreal.coffee/@hyperreal" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>hyperreal</span></a></span> From having implemented a <a href="https://tenforward.social/tags/keyoxide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keyoxide</span></a> claim verification service once, I can say that IRC and XMPP were far and away the most flaky endpoints to talk to, followed by Matrix. Ultimately, chat programs aren't really optimized for constantly serving up old messages at random (what Matrix claim verification does IIRC) and bots aren't always well-behaved (what IRC claim verification does IIRC). XMPP at least has the concept of storing non-message data (from some XEP or another; can't remember which) though.</p>
mauvehed 🐿️ (KØMVH)<p>Keybase is dead! Long live Keyoxide!</p><p><a href="https://keyoxide.org/aspe%3Akeyoxide.org%3AGK4JFFYSVEI5NMLLGAXX22QZAU" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">keyoxide.org/aspe%3Akeyoxide.o</span><span class="invisible">rg%3AGK4JFFYSVEI5NMLLGAXX22QZAU</span></a></p><p>Fingerprint: GK4JFFYSVEI5NMLLGAXX22QZAU</p><p><a href="https://defcon.social/tags/Keybase" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keybase</span></a> <a href="https://defcon.social/tags/Keyoxide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keyoxide</span></a> <a href="https://defcon.social/tags/Hackers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hackers</span></a> <a href="https://defcon.social/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://defcon.social/tags/Privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Privacy</span></a> <a href="https://defcon.social/tags/Identity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Identity</span></a> <a href="https://defcon.social/tags/Encryption" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Encryption</span></a></p>
Pixelcode 🇺🇦<p>The workflow of creating an <a href="https://social.tchncs.de/tags/Ariadne" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ariadne</span></a> signature profile on <span class="h-card" translate="no"><a href="https://fosstodon.org/@keyoxide" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>keyoxide</span></a></span> is so much smoother than the <a href="https://social.tchncs.de/tags/GPG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GPG</span></a> equivalent! <a href="https://social.tchncs.de/tags/keyoxide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keyoxide</span></a></p><p>• no looking up of command-line options<br>• no weird “notations”<br>• no exporting with --armor and copying .asc files<br>• no dealing with keyservers</p><p>You just fill in a couple input fields on <a href="https://asp.keyoxide.org" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">asp.keyoxide.org</span><span class="invisible"></span></a> & save your key somewhere. Done. I'd say <a href="https://social.tchncs.de/tags/ASP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ASP</span></a> would be a nice addition to <span class="h-card" translate="no"><a href="https://furry.engineer/@soatok" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>soatok</span></a></span>'s list of <a href="https://social.tchncs.de/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a> alternatives! 😎 <a href="https://soatok.blog/2024/11/15/what-to-use-instead-of-pgp/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">soatok.blog/2024/11/15/what-to</span><span class="invisible">-use-instead-of-pgp/</span></a></p><p><a href="https://keyoxide.org/aspe:keyoxide.org:CSY6CYWH443HWQ5LCB6IDQFWVU" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">keyoxide.org/aspe:keyoxide.org</span><span class="invisible">:CSY6CYWH443HWQ5LCB6IDQFWVU</span></a></p>
Pixelcode 🇺🇦<p>You may have noticed that I updated my <a href="https://social.tchncs.de/tags/Keyoxide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keyoxide</span></a> profile link in various places. That was legit – my old RSA <a href="https://social.tchncs.de/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenPGP</span></a> key had expired back in early November without me noticing, and yesterday, I created a new <a href="https://social.tchncs.de/tags/ed25519" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ed25519</span></a> key. If you still see my old Keyoxide link somewhere, please tell me. <a href="https://social.tchncs.de/tags/pgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pgp</span></a> <a href="https://social.tchncs.de/tags/rsa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>rsa</span></a></p><p>🔗 <a href="https://keyoxide.org/FEF07E34F003F58EF486E744A49FCA80F5B7DE61" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">keyoxide.org/FEF07E34F003F58EF</span><span class="invisible">486E744A49FCA80F5B7DE61</span></a></p><p>First, however, I had to manually update <a href="https://social.tchncs.de/tags/GPG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GPG</span></a> to version 2.4 by compiling it from source. 🤡</p><p>🔗 <a href="https://www.procustodibus.com/blog/2023/02/gpg-2-4-on-ubuntu-22-04/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">procustodibus.com/blog/2023/02</span><span class="invisible">/gpg-2-4-on-ubuntu-22-04/</span></a></p><p>QT <a href="https://fed.brid.gy/r/https://bsky.app/profile/did:plc:dxkyhpbv4bsktz3x2yp6m2rz/post/3lcvpgpgnu22j" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">fed.brid.gy/r/https://bsky.app</span><span class="invisible">/profile/did:plc:dxkyhpbv4bsktz3x2yp6m2rz/post/3lcvpgpgnu22j</span></a></p>
Preston Maness ☭<p><span class="h-card" translate="no"><a href="https://social.lol/@prami" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>prami</span></a></span> Keybase has been on life support for a while now. Thankfully, there's <a href="https://tenforward.social/tags/KeyOxide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KeyOxide</span></a> as an alternative.</p>
HoldMyType<p><span class="h-card" translate="no"><a href="https://floss.social/@fdroidorg" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>fdroidorg</span></a></span> yes but <br>- gmail is unlikely to accept <a href="https://mathstodon.xyz/tags/jmap" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>jmap</span></a> <br>- <a href="https://mathstodon.xyz/tags/keyoxide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keyoxide</span></a> qr scan of 2 keys didnt work today on okc <br>- encoding from der to pfx <a href="https://mathstodon.xyz/tags/openssl" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openssl</span></a> <br><a href="https://mathstodon.xyz/tags/mutt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mutt</span></a> is simpler</p>
BTW I'm not Finnish<p>Glad to know we can now verify <a href="https://scg.owu.one/tags/gotosocial" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GotoSocial</span></a> accounts (and most other ActivityPub accounts) on <a href="https://scg.owu.one/tags/keyoxide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keyoxide</span></a> !</p>
Binzy_Boi<p>Are there currently any Keyoxide providers outside of the main site?</p><p><a href="https://piefed.social/post/193653" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">piefed.social/post/193653</span><span class="invisible"></span></a></p>
tallship<p><a class="hashtag" href="https://public.mitra.social/collections/tags/keyoxide" rel="nofollow noopener noreferrer" target="_blank">#KeyOxide</a> Mobile 2.4 has been released</p><p><a href="https://berkersen.dev/keyoxide-mobile-240" rel="nofollow noopener noreferrer" target="_blank">https://berkersen.dev/keyoxide-mobile-240</a></p><p><a class="hashtag" href="https://public.mitra.social/collections/tags/tallship" rel="nofollow noopener noreferrer" target="_blank">#tallship</a> <a class="hashtag" href="https://public.mitra.social/collections/tags/foss" rel="nofollow noopener noreferrer" target="_blank">#FOSS</a> <a class="hashtag" href="https://public.mitra.social/collections/tags/privacy" rel="nofollow noopener noreferrer" target="_blank">#privacy</a> <a class="hashtag" href="https://public.mitra.social/collections/tags/identity" rel="nofollow noopener noreferrer" target="_blank">#identity</a></p><p>⛵</p>
Berker<p>🚀 Keyoxide Mobile 2.4.0 is here with offline-mode support! 🔒 But before you update, please back up your profiles and contacts as this update will wipe them out locally. For more info: <a href="https://berkersen.dev/keyoxide-mobile-240" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">berkersen.dev/keyoxide-mobile-</span><span class="invisible">240</span></a> 📱 <a href="https://fosstodon.org/tags/Keyoxide" class="mention hashtag" rel="tag">#<span>Keyoxide</span></a> <a href="https://fosstodon.org/tags/Privacy" class="mention hashtag" rel="tag">#<span>Privacy</span></a> <a href="https://fosstodon.org/tags/DigitalIdentity" class="mention hashtag" rel="tag">#<span>DigitalIdentity</span></a> <a href="https://fosstodon.org/tags/OfflineMode" class="mention hashtag" rel="tag">#<span>OfflineMode</span></a></p>
Dominik Wombacher<p>I stumbled across Keyoxide today. I gave it a shot, created and uploaded an ASP [1]. Now I have my own profile [2] that verifies some of my identities, neat! Adding my mail throws an error message though. I use WKD to publish my OpenPGP key [3]. I learned that my mail address is therefore already discovered by keyoxide.org [4], can't be used twice as it seems.</p><p>[1] <a href="https://asp.keyoxide.org" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="">asp.keyoxide.org</span><span class="invisible"></span></a><br />[2] <a href="https://keyoxide.org/aspe:keyoxide.org:CDKSMZK6K2WIQFSXRLHXVRIJ6E" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">keyoxide.org/aspe:keyoxide.org</span><span class="invisible">:CDKSMZK6K2WIQFSXRLHXVRIJ6E</span></a><br />[3] <a href="https://dominik.wombacher.cc/posts/my-gpg-key-is-now-available-via-web-key-directory-wkd.html" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">dominik.wombacher.cc/posts/my-</span><span class="invisible">gpg-key-is-now-available-via-web-key-directory-wkd.html</span></a><br />[4] <a href="https://keyoxide.org/dominik@wombacher.cc" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">keyoxide.org/dominik@wombacher</span><span class="invisible">.cc</span></a></p><p><a href="https://fosstodon.org/tags/keyoxide" class="mention hashtag" rel="tag">#<span>keyoxide</span></a> <a href="https://fosstodon.org/tags/openpg" class="mention hashtag" rel="tag">#<span>openpg</span></a> <a href="https://fosstodon.org/tags/wkd" class="mention hashtag" rel="tag">#<span>wkd</span></a></p>
chimbosonic<p><span class="h-card" translate="no"><a href="https://social.anoxinon.de/@Codeberg" class="u-url mention">@<span>Codeberg</span></a></span> <a href="https://fosstodon.org/tags/keyoxide" class="mention hashtag" rel="tag">#<span>keyoxide</span></a>, <a href="https://fosstodon.org/tags/Tor" class="mention hashtag" rel="tag">#<span>Tor</span></a>, <a href="https://fosstodon.org/tags/Hagrid" class="mention hashtag" rel="tag">#<span>Hagrid</span></a> and <a href="https://fosstodon.org/tags/Veilid" class="mention hashtag" rel="tag">#<span>Veilid</span></a></p>
Kristófer Reykjalín<p><a href="https://fosstodon.org/tags/Gravatar" class="mention hashtag" rel="tag">#<span>Gravatar</span></a> has come a really long way. I think I might make that my main "all my links" hub in addition to <a href="https://fosstodon.org/tags/Keyoxide" class="mention hashtag" rel="tag">#<span>Keyoxide</span></a> 🤔 </p><p>It just looks nice!</p><p><a href="https://gravatar.com/kreykjalin" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="">gravatar.com/kreykjalin</span><span class="invisible"></span></a></p><p>Full disclosure: I work for <a href="https://fosstodon.org/tags/Automattic" class="mention hashtag" rel="tag">#<span>Automattic</span></a>, the company that maintains Gravatar.</p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
LoginDrag & drop to upload