This was originally a blog post
It may read differently from other build logs for that reason
Two posts in one day, this has to be a record for me.
So for this post to make sense it requires two bits of background knowledge:
- This site is made with Hugo, a static site generator
- I wrote a post a few days ago called Encryption which can be found here
With that out of the way, I can explain the issue I am having, and why I may finally have to bite the bullet and learn a tiny amount of web development.
I want to start ending my posts with a PGP signature, and I don’t know an elegant way to do this that doesn’t sacrifice function. In an ideal world, I want the following things to happen:
Public key automation
I store my public key on Keybase so it is easy for normies to find it and use it. This key is more or less constantly kept up to date because of how Keybase is, and because of that I want the public key on my site to not be static - I want it to be pulled directly from Keybase.
There is a way for me to do this which is a bit hacky, but possible. This site is hosted on GitHub, so I could write a GitHub automation that every 24 hours pulls the Keybase key, and cross-references it against the key on the site. If they are different then update it. This theoretically should be a fairly simple Python script that I could write in an afternoon - so that clears that up.
An easier option would be to make it a sidebar link that takes you directly to Keybase but… no
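An added sketch of the daily check described above (example code, not the author's script): it compares the key by its decoded packets rather than its armored text, and overwrites the site copy only when the primary-key fingerprint still matches the one in this page's verify footer. The Keybase username, the `static/pubkey.asc` path, and the idea that the footer fingerprint is also the Keybase key are assumptions.

```python
import base64, hashlib, pathlib, sys, urllib.request

# Assumptions (not from the page): placeholder Keybase username, hypothetical site path.
KEY_URL = "https://keybase.io/YOUR_KEYBASE_USERNAME/pgp_keys.asc"
SITE_KEY = pathlib.Path("static/pubkey.asc")
# Fingerprint from the page's verify footer, assumed to also be the Keybase key.
PINNED_FPR = "CA98D5946FA3A374BA7E2D8FB254FBF3F060B796"

def dearmor(armored: str) -> bytes:
    """Binary key from ASCII armor; armor headers and the CRC-24 line are ignored."""
    lines = [l.strip() for l in armored.strip().splitlines()]
    body = lines[lines.index("-----BEGIN PGP PUBLIC KEY BLOCK-----") + 1:
                 lines.index("-----END PGP PUBLIC KEY BLOCK-----")]
    if "" in body:  # armor headers (Version:, Comment:) end at the first blank line
        body = body[body.index("") + 1:]
    return base64.b64decode("".join(l for l in body if l and not l.startswith("=")))

def primary_fingerprint(key: bytes) -> str:
    """v4 fingerprint: SHA-1 over 0x99, a 2-byte length, and the first packet's body."""
    tag = key[0]
    if tag & 0x40:  # new-format header (1- or 2-byte length; key packets are small)
        ptype, a = tag & 0x3F, key[1]
        if a >= 224:
            raise ValueError("unsupported packet length encoding")
        length, off = (a, 2) if a < 192 else (((a - 192) << 8) + key[2] + 192, 3)
    else:  # old-format header: length-type bits select 1, 2 or 4 length bytes
        ptype, n = (tag >> 2) & 0x0F, (1, 2, 4, 0)[tag & 3]
        length, off = int.from_bytes(key[1:1 + n], "big"), 1 + n
    body = key[off:off + length]
    if ptype != 6 or len(body) != length or body[:1] != b"\x04":
        raise ValueError("expected a complete v4 public-key packet first")
    return hashlib.sha1(b"\x99" + length.to_bytes(2, "big") + body).hexdigest().upper()

def sync(remote_armored: str, site_key: pathlib.Path, pinned_fpr: str) -> str:
    """Update site_key only when packets differ and the primary key is the pinned one."""
    remote = dearmor(remote_armored)
    if primary_fingerprint(remote) != pinned_fpr:
        return "rejected"  # a different primary key needs a human, not a scheduled job
    if site_key.exists() and dearmor(site_key.read_text()) == remote:
        return "unchanged"  # same packets, whatever the armor headers say
    site_key.write_text(remote_armored)
    return "updated"

if __name__ == "__main__":
    with urllib.request.urlopen(KEY_URL, timeout=30) as resp:
        result = sync(resp.read().decode("ascii"), SITE_KEY, PINNED_FPR)
    print(result)
    sys.exit(1 if result == "rejected" else 0)
```

A scheduled job can commit the file when the script prints `updated` and fail the run on a non-zero exit, so a swapped key surfaces as a broken build instead of a silent update.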
Sig append
I want to make it so that every file on the site links to a raw file that shows the full signed post.
For example, if the post only said “This is a post signed by me - eddiequinn” then the raw file would say
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

this is a message signed by me - eddiequinn
-
Verify this post
This page is published as a PGP clearsigned document. You can verify it like this:
gpg --keyserver hkps://keys.openpgp.org --recv-keys CA98D5946FA3A374BA7E2D8FB254FBF3F060B796
curl -fsSL 'https://eddiequinn.xyz/sigs/build-logs/eddiequinn.xyz/signing-posts/hugos-encryption-problem.txt' | gpg --verify