โ ๏ธ Warning: This post is over a year old, the information may be out of date.
๐ผ Status:
Keybase, GPG key and Zoom
๐ | โฐ 1 minutes
I have been using Keybase since 2016 until now and start using PGP since 2009.
Back then before Keybase available, I already use PGP as I mentioned earlier but I having hard with PGP keys because each time I upgrade OS, reformat OS, unrecoverable computer failure or switch newer computer I lost my PGP keys. Some of them don’t have expire date and I lost revoke key to take it down, unfortunately.
But nevermind, I not seriously use PGP at all but I prefer to be prepare and make it available to use when needed. Now with Keybase, I don’t need to istall PGP tool to read (decrypt) or write (encrypt) PGP secret message text. I just can use the web browser for this purpose. Lucky enough, thus lost keys are published on non-verifying keyservers, thanks to Enigmail fault. If you want to publish PGP keys to keyserver, use keys.openpgp.org
keyserver
Newer Thunderbird release (version 78) support for PGP encryption baked into the client directly unlike before user had to install extensions such as Enigmail to integrate PGP support.
You can export keybase PGP from keybase and modified it by adding emails then just import/update on Keybase (if you do mofification) . It just like centralize your PGP key with keybase for me.
Keybase allow you to store secret key with them and these keys are protected with passphase. I know, not everyone like to store secret key somewhere. Plus as you know this year, Zoom already acquired Keybase and we heard a lot about news Zoom leaked they sourcecode , over 500,000 Zoom accounts sold on hacker forums, the dark web and the worse part Zoom isnโt actually end-to-end encrypted . Yep, now we have trust issue with Zoom…
But I still trust Keybase E2E because of NaCl: Networking and Cryptography library and few more other reason. How about you?
Posted by: Hugo