-
Bob Mottram authored
Retire support for keybase.io gpg version 2.x doesn't appear to work well with it, but beyond that there's the really concerning issue that the site asks users to upload their *private keys*. Even if the private keys are client side passphrase encrypted this gives that site a full time opportunity to crack private keys. Even if they don't so that, a leak happens and suddenly letter agencies have your private key. Not a good way to go.
Bob Mottram authoredRetire support for keybase.io gpg version 2.x doesn't appear to work well with it, but beyond that there's the really concerning issue that the site asks users to upload their *private keys*. Even if the private keys are client side passphrase encrypted this gives that site a full time opportunity to crack private keys. Even if they don't so that, a leak happens and suddenly letter agencies have your private key. Not a good way to go.
Code owners
Assign users and groups as approvers for specific file changes. Learn more.