keyoxide
This is an old revision of the document!
Table of Contents
Keyoxide
Keyoxide verifies online identity with cryptography.
Once you have a PGP key pair, there are two ways to set identity.
- Annotate your OpenPGP profile (public key) with “proofs”. (Uploading this to their server creates a profile page. (My Keyoxide profile page.))
- Sign a Signature Profile (text file) with “proofs”. (You can send this to people. Not super useful yet.)
Instructions for Annotating your PGP Public Key
For each location you want to prove, you have to do two things:
- Add some proof at the site. Like a Gist with proof text at Github, or a TXT record with proof text in a DNS entry.
- Point to the above proof with an Identity Claim in the signature profile (text file) or OpenPGP profile.
Create a Keyoxide profile by uploading an annotated key to keys.openpgp.org.
Annotating
$ gpg --edit-key MYKEYFINGERPRINT ... gpg> showpref # lists current notations ... Notations: proof@ariadne.id=dns:dblu.me?type=TXT proof@ariadne.id=https://mastodon.social/@dblume proof@ariadne.id=https://gist.github.com/dblume/19738ca4ba998f2f784904190a1a22ea proof@ariadne.id=dns:dlma.com?type=TXT gpg> notation Enter the notation:proof@ariadne.id=dns:mynewdomain.com?type=TXT gpg> save
First time OpenPGP Profile (Public Key) Upload
gpg --armor --output public.asc --export MYKEYFINGERPRINT
go to https://keys.openpgp.org/upload and upload the public.asc you have created in the code above.
Subsequent changes to key annotations
Add/Remove/Edit an annotation in your public key.
gpg --keyserver hkps://keys.openpgp.org --send-keys MYKEYFINGERPRINT
Example Signature Profile
(Again, not super useful yet.)
Starting with a text file with proofs in it:
- mysignature.txt
See https://keyoxide.org/1CBD499C61C7A3A7DED3935F5E21C0D40ED9EB54 proof=https://mastodon.social/@dblume proof=dns:dlma.com?type=TXT proof=dns:dblu.me?type=TXT proof=https://gist.github.com/dblume/19738ca4ba998f2f784904190a1a22ea
Sign it with gpg -u EMAIL_ADDRESS –clear-sign mysignature.txt, and get an asc file like:
- mysignature.txt.asc
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 See https://keyoxide.org/1CBD499C61C7A3A7DED3935F5E21C0D40ED9EB54 proof=https://mastodon.social/@dblume proof=dns:dlma.com?type=TXT proof=dns:dblu.me?type=TXT proof=https://gist.github.com/dblume/19738ca4ba998f2f784904190a1a22ea -----BEGIN PGP SIGNATURE----- iQFDBAEBCgAtFiEEHL1JnGHHo6fe05NfXiHA1A7Z61QFAmRyuY0PHGRhdmlkQGRs bWEuY29tAAoJEF4hwNQO2etUunQIAKffjiUmAk0km8yn5TMHTYWbc3nHz+euaQ1B xHEA9jRc746cfn2aVaSJzWdqIfVJu85H/vb56sBGZMNR/eSxNwJjLmu87kbN/3eb Ef0/5tXB2ftQE6wGpJB+SwL0aTnXdxA9x+ppFcxn+kFT2vgU0hn89oNT0fsy9heL bVE2oTIa7rXOYBheqAUEgQBMOgKeF3Z38XhhKfwHr6rOwqO9frxxmNcpBGHQop7u k8pHIBtUh/QbkmxvL0c09BNxQPxSDCgfxMIFe4VzdzRNPTEm+09hu62OiAZ74VFe F6golgZXU0slovISw6Y/+FSxnXlEVew3G7vLu+EZqCtVKO0hDzo= =G16H -----END PGP SIGNATURE-----
This can be verified at https://keyoxide.org/sig.
keyoxide.1685242154.txt.gz · Last modified: 2023/05/27 19:49 by dblume