http / https proof not functioning #64
Comments
|
@mlsteele, do you know if there's a PVL-related reason we wouldn't also be hitting https://www.tamsoftware.info/keybase.txt? |
|
@oconnor663 The client gets a hint of where to look from the server and only looks there. The server tries both locations but only until it finds a success. I guess when it starts failing the server only rechecks from its hint. @fhorlaville The simplest thing to do until we make this better is to just revoke/redo the domain proof. This is the same issue as keybase/keybase-issues#2966 |
|
Thanks a lot, @oconnor663 and @mlsteele , for your quick answers. Thanks, Franck Horlaville |
|
All the code you're running locally is in https://github.com/keybase/client. What went wrong in this case is server code though, which is not open source. In general the server tells clients where to look for a proof, and the clients do all the verification locally, but it was the where-to-look that was broken. (We might be able to get rid of this mechanism for web proofs in particular, since there are only a couple possible locations, but it's necessary for services like Facebook and Twitter, where we can't have clients crawling your entire post history every time they try to ID you.) |
|
Now it gets even weirder ; I’ve created it as well in the other location, checked it, see that it’s being requested but it’s still broken
54.84.133.185 - - [11/May/2017:21:09:59 +0100] "GET /.well-known/keybase.txt HTTP/1.1" 200 2566 "-" "keybase-proofs/2.1.11"
… On 4 May 2017, at 16:25, Miles Steele ***@***.***> wrote:
@oconnor663 <https://github.com/oconnor663> The client gets a hint of where to look from the server and only looks there. The server tries both locations but only until it finds a success. I guess when it starts failing the server only rechecks from its hint.
@fhorlaville <https://github.com/fhorlaville> The simplest thing to do until we make this better is to just revoke/redo the domain proof.
This is the same issue as keybase/keybase-issues#2966 <keybase/keybase-issues#2966>
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub <#64 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AId11DwEnouWEZkf7d0fJ1o4HJU5yawqks5r2e4GgaJpZM4NQC3F>.
|
|
@fhorlaville I'm seeing The error is probably that the file at https://www.tamsoftware.info/.well-known/keybase.txt is an old proof, rather than the one that was generated when you proved the domain most recently. When I look at your sigchain, I see that your most recent proof for tamsoftware.info is at You'll probably want to re-prove the domain, and make sure you host the new file that gets generated during that flow. |
|
I deleted it all and re-created it ; all is fine now but wasn’t easy as the keybase app kept saying there was already a live proof.
Sorry for the hassle!
Franck
… On 12 May 2017, at 17:48, oconnor663 ***@***.***> wrote:
@fhorlaville <https://github.com/fhorlaville> I'm seeing Signature not found in body when I ID you. Is that consistent with what you're seeing?
The error is probably that the file at https://www.tamsoftware.info/.well-known/keybase.txt <https://www.tamsoftware.info/.well-known/keybase.txt> is an old proof, rather than the one that was generated when you proved the domain most recently. When I look at your sigchain <https://keybase.io/fhorlaville/chain>, I see that your most recent proof for tamsoftware.info is at "seqno": 6, but the file you're hosting is "seqno": 2.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub <#64 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AId11FffZXlut872lIL5sR3pMjNQ7YYtks5r5I1bgaJpZM4NQC3F>.
|
|
Is there a problem which can be fixed in this repo? |
Hi, I have recently switched web servers and had forgotten to move the keybase.txt file along, so rightfully I got the message that the web proof couldn't be verified. I have put the file back in place and checked it's working but can't re-enable the proof.
The keybase.io web server says it's not there (although it is) and the keybase app says it can't generate a new one because it's already present.
Any suggestion?
Thanks
The text was updated successfully, but these errors were encountered: