First year anniversary of the website!
Welcome to my little page! I’m just another nerdy amateur programmer trying to find his way around. I often keep myself tied up with a lot of projects, so I may not finish everything in reasonable time, but I stick with it.
As a note, if you are a contributor or participant in any services I provide, please note that servers tend to restart at 05:00 AM UTC for updates, so try to finish what you are doing before then or prepare for a temporary outage.
And please notify me of any outages of significant duration! Keep the “significant duration” bit in mind, since usually I’m already aware of the issue and am trying to work on it.
Verification
I’m a bit paranoid about (or maybe just obsessed with) security, so I have a PGP and Minisign key which I not only use to sign releases, but the pages on this website. Simply append .sig
or .minisig
at the end to get the PGP or Minisign signature, respectively. For instance, this page’s are: index.html.sig
and index.html.minisig
since that’s the standard name for the default page. Non-HTML files are also signed, of course. An obvious exception is dynamic content like PHP scripts, since you will likely not have access to the script to verify the signature, but those are minimal on this site.
PGP Fingerprint:
EAAC D1E4 26BC D09B CD92 D4A9 4BA8 5D5B 1A05 64AE
Full PGP Key:
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEZQnKlhYJKwYBBAHaRw8BAQdAufj5YcF0zOgVwK2DfgUQTH3LTtBa5wUKFxI1
+4BlGCO0J1VGRlIgPHVmZnJfcHJpdmF0ZV8yNjk4OUB1LWdyb3VwMTMub3JnPoiW
BBMWCAA+FiEE6qzR5Ca80JvNktSpS6hdWxoFZK4FAmUJypYCGwMFCQJqWHoFCwkI
BwIGFQoJCAsCBBYCAwECHgECF4AACgkQS6hdWxoFZK6FWgD9EeWiZ/0Y9vUMj7VR
/n4mkTxyztKY6jOlIGhkNomSPbMA/2Fq2sxqNeu2B0YdNF2SF93yx6MT60/pM+Uz
SdTG9M0FuDgEZQnKlhIKKwYBBAGXVQEFAQEHQHIsokLrPLADR3wV9tW+WzFy2iJj
+5Dvmn/7HYxt8B4NAwEIB4h+BBgWCAAmFiEE6qzR5Ca80JvNktSpS6hdWxoFZK4F
AmUJypYCGwwFCQJqWHoACgkQS6hdWxoFZK7v5gEAioBQXdM62HfKXS28ODT5OwqV
HmegPj4WGRzPSdsK/H4A/iCJ4G8k6qTd0M9hq5nj+pfvucPYEKeXMK4tqvtZBcsL
=dT6H
-----END PGP PUBLIC KEY BLOCK-----
Minisign Public Key:
RWTi8Fpyd96T67DIkXucizBPn7MhAPydGmECavcjTxbF/p9vHhxiyZUd
It can also be retrieved from keys.openpgp.org, or if you prefer Tor.
But you may be asking: “But how can it be secure if you store the signatures and keys in the same place as the content?” to which I answer: “Ah, but you see, I have a little trick up my sleeve!”
I have several DNS TXT records to store the fingerprint/public key. For instance, _pgp-uffr.u-group13.org
and _minisign-uffr.u-group13.org
are for my PGP fingerprint and Minisign public key, respectively. Contributors on specific subdomains must have that subdomain specified as well, between the TXT record name and the main domain name, for instance: _minisign-sweet.thchronicle.u-group13.org
is valid as Sweet is the name of a contributor to the site hosted on the thchronicle
subdomain.
This means a hypothetical attacker would have to both hack my server, but also hack into the account for my domain registrar and change the DNS records with the keys there.
Notes
- Signatures are from the raw HTML of the resultant page.
- Make sure you are using the latest version of the page! Refresh to be sure.
- For your convenience, links are at the bottom to access them.