Hacker News new | past | comments | ask | show | jobs | submit login

I'd like to know how they plan on dealing with subkeys -- my Keybase key is an ed25519 key kept offline, with a set of RSA subkeys generated directly on a Yubikey.

This lets me use my key on an Android device (via Open Keychain), or PC (via GnuPG's smart card interface.)

I don't want additional NaCL keys hanging around on 'online' machines outside of a secure element such as a smart card.




> my Keybase key is an ed25519 key

Could you explain how you did this? I was under the impression it was impossible because Curve25519 encryption isn't implemented yet.


The offline key isn't used for encryption, only signing. In this case, signing the subkeys, which are used for encryption (or auth, or signing).

Really not all that different from past days of having a dsa key with an el gamal subkey for encryption.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: