mirror of
https://codeberg.org/keyoxide/keyoxide-web.git
synced 2024-12-22 14:59:29 -07:00
Update guides
This commit is contained in:
parent
c87163e58e
commit
a8d9bab7e2
2 changed files with 9 additions and 7 deletions
|
@ -4,6 +4,14 @@
|
|||
|
||||
<p>Unlike proofs provided by for example <a href="https://keybase.io">Keybase</a>, OpenPGP proofs are stored inside the PGP keys themselves instead of being mere signatures. Since this operation requires keys with "certify" capabilities and not simply "sign" capabilities, these OpenPGP proofs could be considered more secure.</p>
|
||||
|
||||
<h3>Example</h3>
|
||||
|
||||
<ul>
|
||||
<li>Alice and Bob have been talking for years on service A. Alice already has an account on service B. Bob wants to move to service B as well. A simple decentralized proof confirms that the person who is known as Alice on service A is also known as Alice on service B. Bob can safely move to service B and talk to Alice without having to meet in person to confirm their accounts.</li>
|
||||
<li>Alice has received a friend request from Bob29 on service C. Is this the same Bob from service A or not? A simple decentralized proof confirms that the person who is known as Bob on platform A is also known as Bob29 on service C. Turns out 28 Bobs were already using service C.</li>
|
||||
<li>Bob has been invited by an account named Alyce to create an account on an unknown server. Is this a legit request? A simple decentralized proof tells Bob that Alice does not have such an account. Bob knows something is up and does not click the link possibly sent by an imposter.</li>
|
||||
</ul>
|
||||
|
||||
<h3>What an OpenPGP proof looks like</h3>
|
||||
|
||||
<p>Every OpenPGP identity proof is stored in the PGP key as a notation that looks like this:</p>
|
||||
|
|
|
@ -6,13 +6,7 @@
|
|||
<li>any other type of service that may require users to prove their online identity</li>
|
||||
</ul>
|
||||
|
||||
<p>Then you may be interested in supporting decentralized identity proofs as they allow your users to securely prove their identity across services. Let's look at some examples:</p>
|
||||
|
||||
<ul>
|
||||
<li>Alice and Bob have been talking for years on service A. Alice already has an account on service B. Bob wants to move to service B as well. A simple decentralized proof confirms that the person who is known as Alice on service A is also known as Alice on service B. Bob can safely move to service B and talk to Alice without having to meet in person to confirm their accounts.</li>
|
||||
<li>Alice has received a friend request from Bob29 on service C. Is this the same Bob from service A or not? A simple decentralized proof confirms that the person who is known as Bob on platform A is also known as Bob29 on service C. Turns out 28 Bobs were already using service C.</li>
|
||||
<li>Alice sends a cryptocurrency request to Bob. Is this a legit request? A simple decentralized proof tells Bob that that wallet is not owned by Alice. Bob knows something is up and does not transfer the money to the imposter.</li>
|
||||
</ul>
|
||||
<p>Then you may be interested in supporting decentralized identity proofs as they allow your users to securely prove their identity across services. Take a look at this [example](guides/service-provider) to find out how two persons can gain more confidence in knowing they are talking to and interacting with the right person in an online world where impersonating is all too easy.</p>
|
||||
|
||||
<p>The internet could be a slightly safer place if your service allowed your users to prove their identity. All the service needs to do is make a JSON file available with basic details about the user and set the correct CORS headers.</p>
|
||||
|
||||
|
|
Loading…
Reference in a new issue