I love their approach, but it is still PGP based. Moreover, it is a bit too centralized.
Thing is, a non-centralized system is really hard to monetize. There might be space for some long-form (as opposed to WhatsApp, etc.) encrypted messaging. But a solution for portable encrypted files (using either symmetric or asymmetric crypto) is hard to monetize.
Note that, while portable encrypted files could be used for encrypted messaging, the use cases and ergonomics are sufficiently different that a good solution for one will not be a great fit for the other.
There's nothing technically wrong (barring a yet-unrevealed exploit) with PGP itself. This thread's topic was about a weakness in SKS. PGP just suffers from major UX problems, which Keybase has largely addressed.
To use Keybase, one doesn't even need to know what PGP is. It all "just works". I have successfully introduced non-technical people to Keybase and what's more, these people use it actively and appreciate what it can do for them. Can't really say that about PGP.
> Thing is, a non-centralized system is really hard to monetize
Until our government supports such infrastructure, the only solution is trust funds / non-profit organizations which released all of their R&D for free.
It's still too centralized. You and I can't run our own compatible public Keybase servers, or our own private servers. Understandable, as their investors expect them not to give away everything for free.
The client is open source, so reverse engineering and improving the server architecture is far from impossible. I think Keybase is making great strides on exploring how we can utilize asymmetric E2E encryption for communication, organization, storage, and everything in between. I think they've made tremendous progress in making E2E cryptography accessible. However, we need a 100% FOSS system.