User Tools

Site Tools


keyoxide

Keyoxide

Keyoxide verifies online identity with cryptography.

Once you have a PGP key pair, there are two ways to set identity.

  1. Annotate your OpenPGP profile (public key) with “proofs”. (Uploading this to their server creates a profile page. (My Keyoxide profile page.))
  2. Sign a Signature Profile (text file) with “proofs”. (You can send this to people. Not super useful yet.)

Instructions for Annotating your PGP Public Key

For each location you want to prove, you have to do two things:

  1. Add some proof at the site. Like a Gist with proof text at Github, or a TXT record with proof text in a DNS entry.
  2. Point to the above proof with an Identity Claim in the signature profile (text file) or OpenPGP profile.

Create a Keyoxide profile by uploading an annotated key to keys.openpgp.org.

Annotating

$ gpg --edit-key MYKEYFINGERPRINT
...
gpg> showpref  # lists current notations
...
     Notations: proof@ariadne.id=dns:dblu.me?type=TXT
                proof@ariadne.id=https://mastodon.social/@dblume
                proof@ariadne.id=https://gist.github.com/dblume/19738ca4ba998f2f784904190a1a22ea
                proof@ariadne.id=dns:dlma.com?type=TXT
gpg> notation
Enter the notation:proof@ariadne.id=dns:mynewdomain.com?type=TXT
gpg> save

First time OpenPGP Profile (Public Key) Upload

gpg --armor --output public.asc --export MYKEYFINGERPRINT

go to https://keys.openpgp.org/upload and upload the public.asc you have created in the code above.

Subsequent changes to key annotations

Add/Remove/Edit an annotation in your public key.

gpg --keyserver hkps://keys.openpgp.org --send-keys MYKEYFINGERPRINT

Example Signature Profile

(Again, not super useful yet.)

Starting with a text file with proofs in it:

mysignature.txt
See https://keyoxide.org/1CBD499C61C7A3A7DED3935F5E21C0D40ED9EB54
 
proof=https://mastodon.social/@dblume
proof=dns:dlma.com?type=TXT
proof=dns:dblu.me?type=TXT
proof=https://gist.github.com/dblume/19738ca4ba998f2f784904190a1a22ea
proof=https://twitter.com/dblume/status/1662865674472157184
 
Check this signed message by pasteing it into https://keyoxide.org/sig

Sign it with gpg -u EMAIL_ADDRESS –clear-sign mysignature.txt, and get an asc file like:

mysignature.txt.asc
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
 
See https://keyoxide.org/1CBD499C61C7A3A7DED3935F5E21C0D40ED9EB54
 
proof=https://mastodon.social/@dblume
proof=dns:dlma.com?type=TXT
proof=dns:dblu.me?type=TXT
proof=https://gist.github.com/dblume/19738ca4ba998f2f784904190a1a22ea
proof=https://twitter.com/dblume/status/1662865674472157184
 
Check this signed message by pasteing it into https://keyoxide.org/sig
-----BEGIN PGP SIGNATURE-----
 
iQFDBAEBCgAtFiEEHL1JnGHHo6fe05NfXiHA1A7Z61QFAmR+zoUPHGRhdmlkQGRs
bWEuY29tAAoJEF4hwNQO2etU0hUH/R+xejlJUJ6F2YXviKKhpeahif7vNns30ZNC
nKuRL8O5qf3quuikvS6YJjNOQh4Tp2FQArfwJCf423F3+jPiIcLf1qRn4ttLk0Uu
PwWZ9aA3biYzjUpUcxB/cpgiHU2O1Va6muYl4/z1xQKCJF2H30vJvSb+A19XKsCZ
AvPzeb6otoxdbpekmd3Pj7KDYbJhcqEo8R9/gFXYfqhH+7ms087+gxDesKLXrVgj
upOE4Zg3t+z2YqkDIIN+njHzl+z6tlmgv2kQ553gGk1ruCGJJmOwlEqRI4jzEVeh
Zm1anJXAhVCdzi5Y3a15I8hjfZfU3WQxP2EztHaCRT3H/7YqHFU=
=M2AR
-----END PGP SIGNATURE-----

This can be verified at https://keyoxide.org/sig.

keyoxide.txt · Last modified: 2023/06/05 23:29 by dblume