Hi, On 20 Jun 2014, at 22:22, Rikairchy <blakcshadow@xxxxxxxxx> wrote: > There is an option to create as well as upload your private key. I'm > very new to this type of encryption, having only worked with > Truecrypt, SSH, and Bitloccker prior, but I was under the impression > that the private key was the last thing you should part with. Why > would a website focused on providing security allow users to upload > their private keys? You are completely correct. That is why they discourage using this feature: > Browser crypto can be scary. Do you have an evil extension installed? We > can't tell. Further, have we been tortured into serving you custom, targeted > JavaScript? Hopefully you're not that important. > So: only use this page if (1) you feel your browser is clean and (2) a life > doesn't depend on it. > > Alternatively, the keybase program is open source and uses both GPG + the > Keybase identity proofs API. It's great. > However, there are users that (for whatever reason) do want to use it. — Attilla
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/