I think it's pretty clever, and demonstrates something very powerful about GitHub's position as de facto global code repository: you can get a strong cryptographic identity for (almost) anyone on the service, which you can then sign/encrypt to, verify for, etc.
age (another tool of Filippo's) leverages this to make encrypting to any GitHub user easy[1].
In the end, it isn't that useful. I only routinely sign digitally to deal with the (Spanish) government, and they provide their own certificates and software to do that.
woodruffw|3 years ago
age (another tool of Filippo's) leverages this to make encrypting to any GitHub user easy[1].
[1]: https://github.com/FiloSottile/age#encrypting-to-a-github-us...
tcard|3 years ago
I made https://sshign.tcardenas.me/ to take advantage of this. For example: [1]
In the end, it isn't that useful. I only routinely sign digitally to deal with the (Spanish) government, and they provide their own certificates and software to do that.
[1] https://sshign.tcardenas.me/?signer=github.com%2Ftcard&messa...
frutiger|3 years ago