Getting Started

I have the same problem. I cannot manage to deploy Keyoxide on my server (I'm not a programmer).

I understand getting started is still complicated. In less than a year, this should all be solved when more work has been done on the so-called "signature profiles" and we have made some apps that just work and help you.

Right now, we are stuck with OpenPGP which means you need to do everything manually.

Akito Where do I find this official master instance?

The "official" instance would be https://keyoxide.org

Akito Where are alternative instances?

I don't have a public list yet. I know of a few but I have yet to contact the hosters and ask if I can promote their instances, make some public list.

Akito Where do I create a Keyoxide profile?

In an external tool, not Keyoxide. Right now, it's basically only the gpg command line tool. No OpenPGP GUIs currently support adding notations to OpenPGP keys, so no GUIs for us, unfortunately.

Akito How do I access that profile?

Your OpenPGP key contains so-called notations (the identity claims). You upload your OpenPGP key to a keyserver (keys.openpgp.org). Then you tell Keyoxide how to find your key. My test account https://keyoxide.org/3637202523e7c1309ab79e99ef2dc5827b445f4b basically says: ok, ask keys.openpgp.org for a key named 3637202523e7c1309ab79e99ef2dc5827b445f4b, download that key and extract the notations.

Akito where is a link between the link on a provider and the Keyoxide system?

Do not overestimate what the "Keyoxide system" itself does. Keyoxide is quite simple: 1) download a key, 2) extract the notations, 3)

All the value of what "Keyoxide" is what you do with your cryptographic key. This is by design. This identity verification system doesn't require a central authority. Soon, someone will hopefully make a competing project and your profiles will already work with that competing project because your profile is yours, it's not stuck with Keyoxide.

Akito How do the verifications work on the official website?

Once Keyoxide has extracted the notations ("identity claim") from the cryptographic key, it will attempt to interpret them ("hmmm this looks like a Github/Twitter/etc account") and will attempt to download some information from these accounts (like the biography, links, a tweet). In this information, Keyoxide will attempt to find a reference to the cryptographic key ("identity proof"). If this is found, the identity claim is verified.

It will work the same on "unofficial" instances.

Akito besides creating a GPG key, which has at that stage nothing to do with Keyoxide, yet.

Which is exactly how you get started with Keyoxide. My bad if the documentation doesn't explain that well. Thanks for the feedback, I'll change the Getting Started.

Hope this helps a bit. I think a video would help explain Keyoxide in a more visual way. I have been thinking about this for a while, but I have yet to find the time and resources to make this.

Thanks for the reply, I'm learning from your feedback!

Akito Yes, though I did not see a way to register or do anything. I just found the docs, forum and whatever metadata every website has to offer. I did not find a way to register.

You can not register. You make a cryptographic key on your computer, you upload it to a keyserver, boom. That's your "account", that is your profile. Keyoxide doesn't want to store your data, it just downloads it from other places.

Akito I have explicitly searched on the internet have not found a single one. When I search for Mastodon or Diaspora* instances, I can find plenty, besides the lists, which aggregate them anyway. So, in this case, it would probably be necessary to create a list, as you suggest.

True. Note that Keyoxide is also not very popular yet, by far not as much as Fediverse servers, so that makes sense.

Akito but it still seemed like Keyoxide was managing all this more centrally

I completely understand. I'm not sure what wording would be best, but it should be more clear that Keyoxide does nothing centrally. Keyoxide doesn't even have a database!

Akito Exactly this. You have an account. How do I create it? How do I link this profile to my stuff? Where are the profile settings

One of my replies above should answer this, but for the sake of experimenting with different explanations, allow me to try again.

Keyoxide doesn't store user data on its servers. You store your profile data on a keyserver, and Keyoxide collects your profile data from the keyserver. Keyoxide uses keyservers as its user database.

The advantage of this approach is competition: new competitors can show up and use all the data Keyoxide has access to, Keyoxide doesn't monopolize user data. More competition leads to better experiences for the user. Your complaint to me is the best example: if a different project manages to better explain how it works, it may get more users so the user wins.

Akito Or does the search on the homepage just search a keyserver directly?

Yes. I'm not sure how I can explain this on the homepage, maybe a little sentence underneath. Hopefully you'll stay around so I can try some things and get some feedback.

Akito I hope you will be more motivated to get going with that.

Even more motivated now!

Akito It's also better to start at all, rather than looking at time & resources and not making anything, at all.

Makes a lot of sense. A semi-good video to begin with is better that nothing.

I hope things are more clear now. You help me understand what I explain wrong so thanks!

I was working a bit on the documentation when I read this part again:

It is important to note that these "digital passport" files are NOT stored on Keyoxide servers, unlike traditional web platforms. You store your data where you feel comfortable and Keyoxide will just fetch it when it needs it.

Ref: https://docs.keyoxide.org/getting-started/overview/

It states you can't create an account on a Keyoxide server itself, you can't store your data there. I will rephrase it to make it clearer, but still, could you explain to me how you interpret that quote?

Would you mind having another look at the documentation? https://docs.keyoxide.org/getting-started/ I rewrote it a few days ago to actually just show a list of steps to undertake to get started. No more "trying to explain it all".

It does also mention that a valid email address is needed. Unfortunately this is still the case, but something I am working on, soon there will be a completely different method to create a keyoxide profile, one that needs nothing besides a keypair.