mstdn.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A general-purpose Mastodon server with a 500 character limit. All languages are welcome.


#keyoxide


@Xeniax Totally nerdsniped :D I'd love to be a part of the study.

I don't think that #KeyServers are dead. I think they evolved into Verifying Key Servers (VKS), like the one run by a few folks from the OpenPGP ecosystem at keys.openpgp.org/about. More generally, I believe that #PGP / #GPG / #OpenPGP retains important use-cases where accountability is prioritized, as contrasted with ecosystems (like #Matrix, #SignalMessenger) where deniability (and Perfect Forward Secrecy generally) is prioritized. Further, PGP can still serve to bootstrap those other ecosystems by way of signature notations (see the #KeyOxide project).

Ultimately, the needs of asynchronous and synchronous cryptographic systems are, at certain design points, mutually exclusive (in my amateur estimation, anyway). I don't think that implies that email encryption is somehow a dead-end or pointless. Email merely, by virtue of being an asynchronous protocol, cannot meaningfully offer PFS (or can it? Some smart people over at crypto.stackexchange.com seem to think there might be papers floating around that can get at it: crypto.stackexchange.com/quest).

To me, the killer feature of PGP is actually not encryption per se. It's certification, signatures, and authentication/authorization. I'm more concerned with "so-and-so definitely said/attested to this" than "I need to keep what so-and-so said strictly private/confidential forever and ever." What smaller countries like Croatia have done with #PKI leaves me green with envy.


Today I moved more services to the new infrastructure. Among them #Keyoxide and #Grafana (with #Telegraf and #Prometheus piggybacking).

#TIL: the localhost on the host is different from the localhost within a container. This can pose a challenge if you want to process from the host (via Telegraf or Node Exporter, for example) within the container.

It's true that there is a hostname that resolves to the host: host.containers.internal (for #Podman; #Docker has host.docker.internal).
But this is the public IP, i.e. the Internet-exposed one.

Those magic hostnames could be used within prometheus.yml instead of the localhost you tend to see there.

If you really need to access the host network, it would require tearing down the network isolation.

In other words: you have to pick a poison. I found an approach that keeps the attack surface sufficiently low for my taste.

The remaining ones can be more challenging as they haven't been packaged for containers yet.

But that's something I wanted to learn anyway.

#gpg key expirations have been updated for another two-year bump. I also removed #twitter / X signature notation (I've deleted my account there), and added a bunch of other signature notations for other places I am online. It's making my #keyoxide page look dirty, but I intend to try and add support for as many of these as possible in the next few months.

Also, I updated my #tails #TailsOS installation while I was at it. I do most of my GPG key work from that environment.


@hyperreal From having implemented a #keyoxide claim verification service once, I can say that IRC and XMPP were far and away the most flaky endpoints to talk to, followed by Matrix. Ultimately, chat programs aren't really optimized for constantly serving up old messages at random (what Matrix claim verification does IIRC) and bots aren't always well-behaved (what IRC claim verification does IIRC). XMPP at least has the concept of storing non-message data (from some XEP or another; can't remember which) though.

The workflow of creating an #Ariadne signature profile on @keyoxide is so much smoother than the #GPG equivalent! #keyoxide

• no looking up of command-line options
• no weird “notations”
• no exporting with --armor and copying .asc files
• no dealing with keyservers

You just fill in a couple input fields on asp.keyoxide.org & save your key somewhere. Done. I'd say #ASP would be a nice addition to @soatok's list of #PGP alternatives! 😎 soatok.blog/2024/11/15/what-to

keyoxide.org/aspe:keyoxide.org


You may have noticed that I updated my #Keyoxide profile link in various places. That was legit – my old RSA #OpenPGP key had expired back in early November without me noticing, and yesterday, I created a new #ed25519 key. If you still see my old Keyoxide link somewhere, please tell me. #pgp #rsa

🔗 keyoxide.org/FEF07E34F003F58EF

First, however, I had to manually update #GPG to version 2.4 by compiling it from source. 🤡

🔗 procustodibus.com/blog/2023/02

QT fed.brid.gy/r/https://bsky.app


I stumbled across Keyoxide today. I gave it a shot, created and uploaded an ASP [1]. Now I have my own profile [2] that verifies some of my identities, neat! Adding my mail throws an error message though. I use WKD to publish my OpenPGP key [3]. I learned that my mail address is therefore already discovered by keyoxide.org [4] and, it seems, can't be used twice.

[1] asp.keyoxide.org
[2] keyoxide.org/aspe:keyoxide.org
[3] dominik.wombacher.cc/posts/my-
[4] keyoxide.org/dominik@wombacher
