-----BEGIN PGP SIGNED MESSAGE-----
I've started using keybase.io for my public/private key needs as it is uniquely accessible; providing a means of easily finding my key and performing actions such as verification. Going forward, I plan to sign all posts on this site using the keybase.io key.
Keybase is an open directory -- no API key needed -- so you can request maria's key, get her proofs, and verify her identity in any software. The goal of Keybase is to let any security software be powered by usernames instead of offline key exchanges.
Posts can be verified by heading over to https://keybase.io/verify and pasting in the post inclusive of the GPG headers.
I can be found via search on keybase.io or from the command line by anyone with keybase installed by issuing a single command:
[[email protected] blogposts]$ keybase id rarmknecht ✔ public key fingerprint: C943 B682 922B F9B5 DAE6 C5F4 2C09 59FE F9E3 820D ✔ "rarmknecht" on twitter: https://twitter.com/rarmknecht/status/549312371521355776 ✔ "rarmknecht" on github: https://gist.github.com/869a150c0228796735e9 ✔ admin of the DNS zone for rarmknecht.com
Using Keybase.io for Blog Posts
To actually get verification to work with my blog posts, there are a few extra steps required. For one, the verification, and thus the signed text, must be of the post content in plaintext format, after Markdown syntax has been processed.
- Write the post in full
- Publish a draft
- Highlight the content in the draft and paste into https://keybase.io/sign
- Enter my passphrase, and generate the signed version
- Paste the signed version into a different editor
- Copy and paste the header at the top of the post
- Copy and paste the signature block at end of the post
- Now add in <br/> tags as needed to ensure signature and header lines appear in the appropriate format with content on its own line.
- Post and enjoy!
-----BEGIN PGP SIGNATURE-----
Version: Keybase OpenPGP v2.0.1
-----END PGP SIGNATURE-----