log☇︎
839000+ entries in 0.581s
nubbins`: "Using this you can ... sing your key. Although it is too logic to mention. For this you need your passphrase." -GPG mini how-to
KRS1: PeerCover allows anyone to form his or her insurance group or join an existing group to insure anything from a Bitcoin wallet to Ripple debt. Draft your own terms you approve and sign. Evaluate and vote on new members. Vote on new claims. - See more at: https://bitcoinstarter.com/projects/85#sthash.JNat22IH.dpuf
nubbins`: oh, there you go
mircea_popescu: alternatively, you can just make x independent keys, of which 1 is for the corp, and the others for directors, and perhaps sign a director certificate with thecorp key
nubbins`: "here, remember this 90+ character password"
nubbins`: ah, that would be less than useful
mircea_popescu: not be able to give diff directors diff keys << passphrases i mean, not keys.
mircea_popescu: people will need updated pubkeys including the whole list if they're to reply to the new keys
mircea_popescu: well, the problems are : depending on implementation you might not be able to give diff directors diff keys, so you depend on their probity signing properly ;
nubbins`: and this will not be a nightmare for those who have already added the original key, yes?
BingoBoingo: skinnkavaj: Does pumping LTC in hostile venues have you down? Does your audience seem listless? Try brewing some tea with potatoe leafs.
skinnkavaj: Does someone you know have: severe memory loss, large bags of useless crypto-currency, delusions about moons, rockets or mtgox-midas-ltc? Then they maybe be suffering from Litecoin Investor Syndrome and you should call 911 immediately, every second matters!
nubbins`: does that seem reasonable
nubbins`: okay, tell me if this makes sense: i have a business and a pgp key associated therewith. the email address of the uid is that of the business. what i want to do is add three additional uids for the three directors of the business, and then have a subkey generated for each director as well.
deadweasel: trust me, i just got off the phone with my ex.
deadweasel: but that's because they don't KNOW they can stop
dub: seems like a tough sell, americans don't tend to like to stop talking
ozbot: Discretion is the ability to know when to speak and when not to speak. : ZenHabits
deadweasel: hmmmm..... I think this cult will go far in the states... they will eat it up and send him all their money.
nubbins`: hmm, so a uid is associated always with the master key, correct?
nubbins`: and that was a gem
mircea_popescu: if i gotta bring the romanian rapper chick exampl;e again...
mircea_popescu: dub but the argument was it's practically different not fundamentally different
asciilifeform: all it certifies is that schmuck A and schmuck B convinced each other, using some paper, that their birth names are such-and-such.
dub: not arguing that, the arguemnt was, its not fundamentally different to gribbles wot
mircea_popescu: that'd be the problem of people not of calipers tho
mircea_popescu: well, it's a metic, properly speaking. being a metric one could build trust on it.
mircea_popescu: it's still a trust metric.
asciilifeform: dub: how? it doesn't shed any light on the question of whether you (or i, for that matter) are a Gestapo mole.
dub: same as 'key M has traded with pirateat40 and imsaguy'
dub: a trust metric
asciilifeform: even assuming that i could be entirely certain that the government papers are genuine
asciilifeform: what does my certification that 'key K belongs to Mr. Such and Such' actually give people?
asciilifeform: dub: you're losing sight of the objective
dub: asciilifeform: how about you sight my govt ID, my employer ID and witness me make a (verfiable) change to some internet route via a hardware 2fa secured platform
dub: Lacking or showing a lack of due concern; casual: spoke with blithe ignorance of the true situation
dub: of course its not universally done like this but neither is gribble wot
dub: again, there is often a long term relationship the ID is just another layer
dub: is the person I am trusting likely to assign trust blithely
asciilifeform: the value of linking pubkeys to government-issued id is rather tenuous
dub: sure there are instances where its broken but you apply the same process as teh gribble wot
BingoBoingo: dub: References necessarily implies tits...
dub: in the community I referenced its generally people who have interacted at a professional level over time, they require registration before attending so you know who you are goign tobe signing for and can stipulate what references they need to bring
BingoBoingo: asciilifeform: Well, I thought the carnal part was implied...
dub: well thats not always the case
asciilifeform: dub: people who you've never known before, and may not meet again, who come to you for the purpose of 'let's do keys.'
asciilifeform: it's astounding that anybody thinks you can 'meaningfully establish identity' or somesuch through casual meatspace meetings with strangers.
nubbins`: i really need to read more about all of this
KRS1: this is how you do the breast exams http://comps.canstockphoto.com/can-stock-photo_csp3051022.jpg
mircea_popescu: o but it is, dub. that's what measures the value of the engineer : the burned voltmeters.
dub: one group are more or less accustomed to being fucked over isnt valid
mircea_popescu: exactly the way the timisoara rapper girl is differen from "a singer"
dexX7: what's the idea behind "signing a key from another user"? like "mp confirms that dub is indeed dub"?
dub: how is this different to keservers
mircea_popescu: you go ask those you trust from that list as to the what and decide as to trust.
mircea_popescu: the wot doesn't describe if a person is trustworthy, that's your job. the wot doesn't describe what a person is doing. the wot strictly describes whom a person's been doing shit with.
mircea_popescu: you couldn't have missed the point where the girl explained why this is fallacious.
dub: mircea_popescu: so the lesson is, check who has countersigned? kinda like, check the wot user hasnt been shill rated
mircea_popescu: got the propellerheads all aggitated, because they're too retarded to understand in practice the first thing about a wot, because their 30 year old wot never worked.
nubbins`: i'm not sure i understand this, he's just some guy who goes around signing people's keys?
BingoBoingo: Tits work. For the gloryhole you have to go to the garage door though.
jborkl: Just don't look into the gloryhole
mircea_popescu: it's always good to demand tits be held up to peeprhole
dub: a bunch of propeller heads who have been communicating and meeting up in person since the dawn of the tubes, vs a goup of mostly people trying to scam money out of each other
mircea_popescu: or tits.
nubbins`: maybe i should demand a qr code be held up to the peephole
mircea_popescu: well they are basically the same thing in the sense the romanian talent earlier and a singer are basically the same thing
dub: right, and true, but they are basically the same ting
nubbins`: BingoBoingo: so you miss out on all those sweet opportunities to buy stolen jewelry or give some guy a glass of water because he's SO THIRSTY
mircea_popescu: dub i agree indeed you might like such surety, i still believe you'd rather check with gribble than with the pgp wot
dub: the keysigning party is where whats on the keserver gets validated
nubbins`: i always answer the door; depending on who it is and the time of day, i may or may not carry a hammer in my other hand
BingoBoingo: nubbins`: Maybe you want a WOT to decide who to answer the door for if someone knocks?
mircea_popescu: dub if you obtain this surety from sks.keyservers you're k-pop god.
nubbins`: i'm sure there are plenty of uses for WoTs outside of btc-space, but i can't think of any that would apply to me
dub: well there is a secondary economic'ish incentive, if netop at europa net signs a message to me asking me to null korea due to an outbreak of k-pop I might like some surety its him and not the NSA
mircea_popescu: this is one of those discussions
BingoBoingo: OpenPGP may be what the spec is called now, but GPG seems to be the only implementation that matters.
BingoBoingo: mircea_popescu: Should people really still be using PGP as an acronym. I figure it is better to bury it with GPG references.
mircea_popescu: things with no economic incentives included suck by that very fact.
mircea_popescu: that makes all the difference.
BingoBoingo: dub: A problem with keysigning parties is that life doesn't happen at your convenience. Out side of the nerdier regions they are a rare bird to spot.
dub: other than economic incentive to game it
mircea_popescu: better than the pgp wot thing they have
dub: its kinda teh idea behind public key repositories neh?
nubbins`: aw shucks, does this mean you'll come to my party?
nubbins`: people who you would never have to trust
jborkl: Keysigning parties, who shows up to that party
mircea_popescu: dub you trust thjat ?!
dub: not in the notary service sense, but in keysigning parties
jborkl: Just a example kako. I of course don't trust anyone you give a good wot
dub: BingoBoingo: you realise this exists already
mircea_popescu: (those situations where trust is built on key actions, not on person actions0
mircea_popescu: it many application the physical identity = key equality is not particularly important
mircea_popescu: BingoBoingo would it make a substantial difference to you should you discover "i" am really a 24 year old busty blonde woman ?
BingoBoingo: I'm thinking not quite that far yet. I'm thinking a place to start is people with notary services offering to endorse key is person. After that introduction of key is person trust can be built.
kakobrekla: is supposed to have "tight binding between contacts management and PGP key ring"
kakobrekla: that mail thing
mircea_popescu: someone with a good courtwot could be trusted upon to recomend pscych experts. if he also has a good psychwot.
mircea_popescu: so this'd be a dude with good wot exposure in musicwot and plumberwot