Thank you for the response. I appreciate it.
Yes, though I did not see a way to register or do anything. I just found the docs, forum and whatever metadata every website has to offer. I did not find a way to register.
yarmo I don't have a public list yet. I know of a few but I have yet to contact the hosters and ask if I can promote their instances, make some public list.
I have explicitly searched on the internet have not found a single one. When I search for Mastodon or Diaspora* instances, I can find plenty, besides the lists, which aggregate them anyway. So, in this case, it would probably be necessary to create a list, as you suggest.
yarmo In an external tool, not Keyoxide. Right now, it's basically only the gpg command line tool. No OpenPGP GUIs currently support adding notations to OpenPGP keys, so no GUIs for us, unfortunately.
That part was indeed very confusing. On one part, the documentation is talking about OpenPGP, etc. That's something I already have set up (without the identity claims i.e. notations) and I am ready to use them for Keyoxide.
On the other part, it seemed to indicate, that Keyoxide has an instance or something that manages all this. Sure, I had read about making the key available on some server, but it still seemed like Keyoxide was managing all this more centrally.
yarmo Your OpenPGP key contains so-called notations (the identity claims). You upload your OpenPGP key to a keyserver (keys.openpgp.org). Then you tell Keyoxide how to find your key. My test account https://keyoxide.org/3637202523e7c1309ab79e99ef2dc5827b445f4b basically says: ok, ask keys.openpgp.org for a key named 3637202523e7c1309ab79e99ef2dc5827b445f4b, download that key and extract the notations.
This is precisely what I'm talking about. Exactly this. You have an account. How do I create it? How do I link this profile to my stuff? Where are the profile settings?
These were the big questions, that I could not answer, when reading the documentation. It seemed like, I needed to register for a profile, yet there is no registration or joining option, that I could find.
yarmo Do not overestimate what the "Keyoxide system" itself does. Keyoxide is quite simple: 1) download a key, 2) extract the notations, 3)
All the value of what "Keyoxide" is what you do with your cryptographic key. This is by design. This identity verification system doesn't require a central authority. Soon, someone will hopefully make a competing project and your profiles will already work with that competing project because your profile is yours, it's not stuck with Keyoxide.
That's fine. The problem lies in the aforementioned confusing profile system.
yarmo Once Keyoxide has extracted the notations ("identity claim") from the cryptographic key, it will attempt to interpret them ("hmmm this looks like a Github/Twitter/etc account") and will attempt to download some information from these accounts (like the biography, links, a tweet). In this information, Keyoxide will attempt to find a reference to the cryptographic key ("identity proof"). If this is found, the identity claim is verified.
It will work the same on "unofficial" instances.
Again. How do I tell Keyoxide to do this? Where do I create the profile? Do I need a profile now or do I not need one?
Or does the search on the homepage just search a keyserver directly?
Very confusing.
yarmo Hope this helps a bit. I think a video would help explain Keyoxide in a more visual way. I have been thinking about this for a while, but I have yet to find the time and resources to make this.
I hope you will be more motivated to get going with that. That would probably help a lot. I see potential in this project, but right now, I wouldn't even recommend it to anyone, because not even I figured out how to use it.
It's also better to start at all, rather than looking at time & resources and not making anything, at all.
So, perhaps you could start with a small one minute video, without much quality. I think that would already help tons, compared to the documentation.
Additionally, you could ask the community for help. I'm sure plenty of people would be able to contribute.