<!-- title: Page Verification -->
<!-- description: -->
<!-- render: yes -->
<div class="vertical text">
<div class="horizontal-center">
<div class="text-content">
<h2>Page Verification</h3>
<p>
In order to allow people to verify that a post has really been
created by me, I sign all blog posts and my "About" page using
my <a href="https://{{ email_gpg_url }}">public key</a>.
</p>
<h3>Using My Script</h3>
To verify a page, you can use
<a href="/assets/files/verify.sh">this script</a>
(<a href="/assets/files/verify.sh.sig">signature</a>), which you
can also find <a href="https://git.polynom.me/PapaTutuWawa/blog.polynom.me/src/branch/master/assets/files/verify.sh">here</a> in my blog repository.
<code>verify.sh "$URL"</code>, where <code>$URL</code> is the URL on my blog you want to
verify.
<div class="warning">
WARNING: Never execute a script that you downloaded from the
Internet without checking it first. This also holds true for this one.
</div>
<h3>What The Script Does</h3>
The following are the steps that my script takes to verify a page's signature. It
is written down so that you could verify a page signature even without downloading
my script.
<ul>
<li>Download the page source to "page.html"</li>
<li>Extract the PGP signature from the top and save it to "page.html.sig"</li>
<li>Replace the signature in "page.html" with "%%%SIGNED_PAGES_PGP_SIGNATURE%%%" (Without the ")</li>
<li>Verify using <code>gpg --verify page.html.sig page.html</code></li>
</ul>
