I've now done enough stories where PGP keys feature as one aspect of identity verification to where I can say for certain: fucking everyone is bad at PGP
Show this thread
-
The best PGP key management / consistent usage I've seen so far was the Dread Pirate Roberts', and in the end the existence of his private key on his laptop became part of the case against him
Show this thread
-
-
In trial, they matched the private key found on his laptop to various DPR Silk Road forum postings that were PGP-signed.
-
Sorry, that part I knew. I'm curious why you said he had best key management?
-
Everyone else I’ve looked at seem to have lost a key / multiple keys, were careless about making sure to revoke old or lost keys in key pools / did not regularly post fingerprints in easy to find places
- End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.