Normille parent
I don't know whether this is clever or not. But it ID'd me from my Github account public keys.
I think it's pretty clever, and demonstrates something very powerful about GitHub's position as de facto global code repository: you can get a strong cryptographic identity for (almost) anyone on the service, which you can then sign/encrypt to, verify for, etc.
age (another tool of Filippo's) leverages this to make encrypting to any GitHub user easy[1].
[1]: https://github.com/FiloSottile/age#encrypting-to-a-github-us...
> you can get a strong cryptographic identity for (almost) anyone on the service, which you can then sign/encrypt to, verify for, etc.
I made https://sshign.tcardenas.me/ to take advantage of this. For example: [1]
In the end, it isn't that useful. I only routinely sign digitally to deal with the (Spanish) government, and they provide their own certificates and software to do that.
[1] https://sshign.tcardenas.me/?signer=github.com%2Ftcard&messa...
Sorry, this web UI encourages me to upload private keys? Immediate nope for serious usage. Nice for testing, like jwt.io, though.
The signature verification is handy.
In Hong Kong and France where I pay taxes we seem to only use passwords. Sadly nobody has hacked my tax account and paid them for me :D
As a side note public keys are available on GitHub, e.g. https://github.com/FiloSottile.keys.