Giving out private posting key
Why do sites ask for our private posting key?
Would it not be more ideal that we sign something with our private posting key
without giving out our private key? They could then decrypt using our public key.
Why have a private key if everyone wants you to share it with them?
DO NOT give out your private key. That is meant for your eyes only. Be careful with any site asking for this.
I agree but according to the steemit documentation this is actually by design. Dtube, and other sites ask for it and apparently it is thought to be ok as it is just the posting key which is the "lowest level of access. I agree this is not a great idea. They apparently ask for it so that you can use their service which performs actions on your behave at your request. I get it but seems a little crazy to build it this way. At least the posting key does not have access to any of the money, but there just should be a better way. I will definitely need to look at the APIs and think on this. I totally agree with you @motivators private keys are supposed to be private which is why I thought it really odd that it is designed this way and even suggested in the guides and documentation I have read.
So there is the Steem Blockchain which has interfaces such as Steemit. There are other interfaces through the steem blockchain, Dtube being one of them. I personally am only giving my information to Steemit just to limit my exposure but lots of individuals log into multiple interfaces on the steem blockchain. Just have to make sure it's trusted!
See my post and vote my last 3 post and I will upvote you 100% in one hour.... No reply