====== Keyoxide ======

[[https://keyoxide.org/|Keyoxide]] verifies online identity with cryptography.

Once you have a PGP key pair, there are two ways to set identity.

    - Annotate your OpenPGP profile (public key) with "proofs". (Uploading this to their server creates a profile page. ([[https://keyoxide.org/1CBD499C61C7A3A7DED3935F5E21C0D40ED9EB54|My Keyoxide profile page]].))
    - Sign a Signature Profile (text file) with "proofs". (You can send this to people. Not super useful yet.)

===== Instructions for Annotating your PGP Public Key =====

For each location you want to prove, you have to do two things:

    - Add some proof at the site. Like [[https://gist.github.com/dblume/19738ca4ba998f2f784904190a1a22ea|a Gist with proof text at Github]], or a TXT record with proof text in a DNS entry.
    - Point to the above proof with an Identity Claim in the signature profile (text file) or OpenPGP profile.

[[https://docs.keyoxide.org/getting-started/creating-profile/|Create a Keyoxide profile]] by uploading an annotated key to [[https://keys.openpgp.org/upload|keys.openpgp.org]].

==== Annotating ====

<code bash>
$ gpg --edit-key MYKEYFINGERPRINT
...
gpg> showpref  # lists current notations
...
     Notations: proof@ariadne.id=dns:dblu.me?type=TXT
                proof@ariadne.id=https://mastodon.social/@dblume
                proof@ariadne.id=https://gist.github.com/dblume/19738ca4ba998f2f784904190a1a22ea
                proof@ariadne.id=dns:dlma.com?type=TXT
gpg> notation
Enter the notation:proof@ariadne.id=dns:mynewdomain.com?type=TXT
gpg> save
</code>

==== First time OpenPGP Profile (Public Key) Upload ====

<code bash>
gpg --armor --output public.asc --export MYKEYFINGERPRINT
</code>
go to [[https://keys.openpgp.org/upload]] and upload the public.asc you have created in the code above.

==== Subsequent changes to key annotations ====

Add/Remove/Edit an annotation in your public key.

<code bash>
gpg --keyserver hkps://keys.openpgp.org --send-keys MYKEYFINGERPRINT
</code>

===== Example Signature Profile =====

(Again, not super useful yet.)

Starting with a text file with proofs in it:

<file text mysignature.txt>
See https://keyoxide.org/1CBD499C61C7A3A7DED3935F5E21C0D40ED9EB54

proof=https://mastodon.social/@dblume
proof=dns:dlma.com?type=TXT
proof=dns:dblu.me?type=TXT
proof=https://gist.github.com/dblume/19738ca4ba998f2f784904190a1a22ea
proof=https://twitter.com/dblume/status/1662865674472157184

Check this signed message by pasteing it into https://keyoxide.org/sig
</file>

Sign it with ''gpg -u EMAIL_ADDRESS --clear-sign mysignature.txt'', and get an asc file like:

<file text mysignature.txt.asc>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

See https://keyoxide.org/1CBD499C61C7A3A7DED3935F5E21C0D40ED9EB54

proof=https://mastodon.social/@dblume
proof=dns:dlma.com?type=TXT
proof=dns:dblu.me?type=TXT
proof=https://gist.github.com/dblume/19738ca4ba998f2f784904190a1a22ea
proof=https://twitter.com/dblume/status/1662865674472157184

Check this signed message by pasteing it into https://keyoxide.org/sig
-----BEGIN PGP SIGNATURE-----

iQFDBAEBCgAtFiEEHL1JnGHHo6fe05NfXiHA1A7Z61QFAmR+zoUPHGRhdmlkQGRs
bWEuY29tAAoJEF4hwNQO2etU0hUH/R+xejlJUJ6F2YXviKKhpeahif7vNns30ZNC
nKuRL8O5qf3quuikvS6YJjNOQh4Tp2FQArfwJCf423F3+jPiIcLf1qRn4ttLk0Uu
PwWZ9aA3biYzjUpUcxB/cpgiHU2O1Va6muYl4/z1xQKCJF2H30vJvSb+A19XKsCZ
AvPzeb6otoxdbpekmd3Pj7KDYbJhcqEo8R9/gFXYfqhH+7ms087+gxDesKLXrVgj
upOE4Zg3t+z2YqkDIIN+njHzl+z6tlmgv2kQ553gGk1ruCGJJmOwlEqRI4jzEVeh
Zm1anJXAhVCdzi5Y3a15I8hjfZfU3WQxP2EztHaCRT3H/7YqHFU=
=M2AR
-----END PGP SIGNATURE-----
</file>
This can be verified at [[https://keyoxide.org/sig]].