Who are you going to prove your cryptographic identity to? Why not just use that same (pretty flimsy) verification method they use directly with that person?
What is that “(pretty flimsy) verification method” you are referring to ? Keyoxide is basically a web-interface (and accompanying tutorials) for PGP/ASP proofs. If you and your colleage know how, it’s not for you.
I do think having a “web-PGP” passport page is easier to share, especially for just non-techy people.
I mean the whole “put something in your profile/in a post” part that is pretty flimsy.
Also, non-techy people will not be able to use PGP at all, much less anything building on it that requires understanding of the trust relationships. Hell, even in a tech company we are having a hard time getting people to generate keys every couple of years.
It seems completely pointless to be honest.
Who are you going to prove your cryptographic identity to? Why not just use that same (pretty flimsy) verification method they use directly with that person?
What is that “(pretty flimsy) verification method” you are referring to ? Keyoxide is basically a web-interface (and accompanying tutorials) for PGP/ASP proofs. If you and your colleage know how, it’s not for you. I do think having a “web-PGP” passport page is easier to share, especially for just non-techy people.
I mean the whole “put something in your profile/in a post” part that is pretty flimsy.
Also, non-techy people will not be able to use PGP at all, much less anything building on it that requires understanding of the trust relationships. Hell, even in a tech company we are having a hard time getting people to generate keys every couple of years.
Hence, the ability to read from a PGP key, profile proofs easily on the internet. It’s for this specific use.