Tags: #infosec #security I have used Keyoxide for awhile now to verify my identity so I thought to throw together a step by step instructions in case someone wants to do it themselves. --- Wha...
Wrote up a quick thing about using Keyoxide and thought to share it here since I haven’t posted in awhile. lol
PGP keys gain trust the longer they’re used. But the likely-hood that they’ve been compromised also increases with time. I wouldn’t say they get “less secure” with time. Also, you can very easily create a new identity under the same PGP key, and revoke a previous identity. Additionally, you can certify other’s keys by signing it with your own, increasing the WOT (web of trust) with the key–asserting that the key does in fact belong to the correct person.
The keys are a bit more dynamic than you’re giving them credit for.
There’s also F/OSS which has been designed to alleviate some of the usability issues with PGP keys, mainly Keybase.
PGP keys gain trust the longer they’re used. But the likely-hood that they’ve been compromised also increases with time. I wouldn’t say they get “less secure” with time. Also, you can very easily create a new identity under the same PGP key, and revoke a previous identity. Additionally, you can certify other’s keys by signing it with your own, increasing the WOT (web of trust) with the key–asserting that the key does in fact belong to the correct person.
The keys are a bit more dynamic than you’re giving them credit for.
There’s also F/OSS which has been designed to alleviate some of the usability issues with PGP keys, mainly Keybase.