myriation/keyoxide-web
1
0
Fork 0
forked from Mirrors/keyoxide-web
Code Pull requests Activity

Improve FAQ

Browse source
This commit is contained in:
Yarmo Mackenbach 2020-06-27 16:28:32 +02:00
parent 21f77643fc
commit e341f49268
1 changed files with 8 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
pages/faq.html
View file

@ -47,20 +47,23 @@
<p>But why would we? There's already an entire infrastructure out there in the form of websites that host their own keys (plaintext or web key directory) or dedicated "HTTP Key Protocol" or HKP servers, designed specifically for public key hosting. Why reinvent the wheel?</p> <p>But why would we? There's already an entire infrastructure out there in the form of websites that host their own keys (plaintext or web key directory) or dedicated "HTTP Key Protocol" or HKP servers, designed specifically for public key hosting. Why reinvent the wheel?</p>
<h3 id="how-is-this-privacy-friendly-and-secure"><a href="#how-is-this-privacy-friendly-and-secure">#</a> How is this privacy friendly and secure?</h3> <h3 id="how-is-this-privacy-friendly-and-secure"><a href="#how-is-this-privacy-friendly-and-secure">#</a> How is this privacy friendly and secure?</h3>
<p>You can't make an account on <a href="/">Keyoxide</a> because for basic cryptographic operations, I don't need your data or your keys. By not knowing anything about you or using any trackers, this is as privacy-friendly as it gets.</p> <p>You can't make an account on <a href="/">Keyoxide</a> because for basic cryptographic operations, we don't need your data or your keys. By not knowing anything about you or using any trackers, this is as privacy-friendly as it gets.</p>
<p>As for secure, <a href="/">Keyoxide</a> does all the cryptographic processing on your device and never sends data to the server. Besides, it never uses private keys and should you ever enter those.</p> <p>As for secure, <a href="/">Keyoxide</a> does all the cryptographic processing on your device and never sends data to the server. Besides, it never uses private keys and should you ever enter those.</p>
<h3 id="how-can-i-make-an-account"><a href="#how-can-i-make-an-account">#</a> How can I make an account?</h3> <h3 id="how-can-i-make-an-account"><a href="#how-can-i-make-an-account">#</a> How can I make an account?</h3>
<p>Well, you can't and that is the whole point of <a href="/">Keyoxide</a>. I don't wan't your data or your keys. They are not required for any of the operations provided by <a href="/">Keyoxide</a>.</p> <p>Well, you can't and that is the whole point of <a href="/">Keyoxide</a>. We don't wan't your data or your keys. Uploading your keys and/or data to our servers is required for any of the operations provided by <a href="/">Keyoxide</a>.</p>
<h3 id="can-i-get-a-sweet-profile-page"><a href="#can-i-get-a-sweet-profile-page">#</a> Can I get a sweet profile page?</h3>
<p>That, we can help you with! Just append your fingerprint to the domain (like so: <a href="https://keyoxide.org/9F0048AC0B23301E1F77E994909F6BD6F80F485D">https://keyoxide.org/9F0048AC0B23301E1F77E994909F6BD6F80F485D</a>) to generate a profile page.</p>
<h3 id="where-is-the-app"><a href="#where-is-the-app">#</a> Where is the app?</h3> <h3 id="where-is-the-app"><a href="#where-is-the-app">#</a> Where is the app?</h3>
<p>There's no app. Why would you want yet another app for what is essentially just a form with a big blue button?</p> <p>There's no app. Why would you want yet another app for what is essentially just a form with a big blue button?</p>
<h3 id="where-do-i-put-my-private-key"><a href="#where-do-i-put-my-private-key">#</a> Where do I put my private key?</h3> <h3 id="where-do-i-put-my-private-key"><a href="#where-do-i-put-my-private-key">#</a> Where do I put my private key?</h3>
<p><strong>DON'T</strong>! I don't want it!</p> <p><strong>DON'T</strong>! We don't want it!</p>
<p>Alternative services may ask you for your private keys so that they can offer additional functionality. Please understand that your private key is yours and ONLY yours. You should never upload it to any online service, in fact it should never leave your computer.</p> <p>Alternative services may ask you for your private keys so that they can offer additional functionality. Please understand that your private key is yours and ONLY yours. You should never upload it to any online service, in fact it should never leave your computer.</p>
<h3 id="what-is-the-use-if-I-can't-decrypt-or-sign-messages"><a href="#what-is-the-use-if-I-can't-decrypt-or-sign-messages">#</a> What is the use if I can't decrypt or sign messages?</h3> <h3 id="what-is-the-use-if-i-can't-decrypt-or-sign-messages"><a href="#what-is-the-use-if-i-can't-decrypt-or-sign-messages">#</a> What is the use if I can't decrypt or sign messages?</h3>
<p>If you want to be on the receiving end of securely encrypted messages, you should either learn the basics of modern cryptography and know your way around your computer's command line or switch to end-to-end encrypted instant messaging providers.</p> <p>If you want to be on the receiving end of securely encrypted messages, you should either learn the basics of modern cryptography and know your way around your computer's command line or switch to end-to-end encrypted instant messaging providers.</p>
<p>Simply put, if you have private keys, you probably won't be using <a href="/">Keyoxide</a>. You will benefit from using command line tools or GUIs like <a href="https://www.openpgp.org/software/kleopatra/">Kleopatra</a>.</p> <p>Simply put, if you have private keys, you probably won't be using <a href="/">Keyoxide</a>. You will benefit from using command line tools or GUIs like <a href="https://www.openpgp.org/software/kleopatra/">Kleopatra</a>.</p>
<p><a href="/">Keyoxide</a> is designed for those without extensive knowledge about cryptography and who wish to encrypt messages to, or verify the authenticity of messages coming from the people with that extensive knowledge.</p> <p><a href="/">Keyoxide</a> is designed for those without extensive knowledge about cryptography and who wish to encrypt messages to, or verify the authenticity of messages coming from the people with that extensive knowledge.</p>
@ -69,7 +72,7 @@
<p>It doesn't need to be centralized to have a "social network" function. <a href="/">Keyoxide</a> simply uses the already existing "social network" of websites hosting their own keys and servers dedicated to hosting large amounts of keys.</p> <p>It doesn't need to be centralized to have a "social network" function. <a href="/">Keyoxide</a> simply uses the already existing "social network" of websites hosting their own keys and servers dedicated to hosting large amounts of keys.</p>
<h3 id="pgp-must-die"><a href="#pgp-must-die">#</a> PGP must die!</h3> <h3 id="pgp-must-die"><a href="#pgp-must-die">#</a> PGP must die!</h3>
<p>Not a question but I get your point. While there are <a href="https://restoreprivacy.com/let-pgp-die/">legitimate reasons PGP should cease to exist</a>, it is still widely used and without any clear sign of imminent extinction, it needs proper tooling.</p> <p>Not a question but we get your point. While there are <a href="https://restoreprivacy.com/let-pgp-die/">legitimate reasons PGP should cease to exist</a>, it is still widely used and without any clear sign of imminent extinction, it needs proper tooling.</p>
<p>It should be noted that while PGP can indeed be harmful when applied to email encryption, there are other legitimate ways of leveraging PGP to encrypt and/or sign messages.</p> <p>It should be noted that while PGP can indeed be harmful when applied to email encryption, there are other legitimate ways of leveraging PGP to encrypt and/or sign messages.</p>
<p>That being said, <a href="/">Keyoxide</a> aims to integrate different cryptographic technologies and therefore ease the transition away from PGP.</p> <p>That being said, <a href="/">Keyoxide</a> aims to integrate different cryptographic technologies and therefore ease the transition away from PGP.</p>