Thank you. If that's true I wish they would have just said so when people started complaining about it on Github. Everybody seems to have a different take on this.
Assuming what you're saying is correct, it seems much more sensible. It almost makes the PGP key seem superfluous, though I suppose it help with legacy this way.
It still seems not ideal, in that having one device compromised would give away your main private key and thus your whole identity. It would be nice to have it be some sort of subkey situation. I'd have to think about how that would work.
>It almost makes the PGP key seem superfluous, though I suppose it help with legacy this way.
This is actually one of the best "features" of keybase. They've backed everything by some strong pgp crypto roots, but none of their stuff really "operates" using pgp. The fact that they have abstracted it, in my opinion, is part of why people have adopted it so easily.
Assuming what you're saying is correct, it seems much more sensible. It almost makes the PGP key seem superfluous, though I suppose it help with legacy this way.
It still seems not ideal, in that having one device compromised would give away your main private key and thus your whole identity. It would be nice to have it be some sort of subkey situation. I'd have to think about how that would work.