<!-- title: Page Verification -->
<!-- description: -->
<!-- render: yes -->
<div class="vertical text">
    <div class="horizontal-center">
        <div class="text-content">
            <h2>Page Verification</h3>

            <p>
                In order to allow people to verify that a post has really been
                created by me, I sign all blog posts and my "About" page using
                my <a href="{{ email_gpg_url }}">public key</a>.
            </p>
        
            <h3>Using My Script</h3>
            <p>
                To verify a page, you can use
                <a href="/assets/files/verify.sh">this script</a>
                (<a href="/assets/files/verify.sh.sig">signature</a>), which you
                can also find <a href="https://git.polynom.me/PapaTutuWawa/blog.polynom.me/src/branch/master/assets/files/verify.sh">here</a> in my blog repository.

                <code>verify.sh "$URL"</code>, where <code>$URL</code> is the URL on my blog you want to
                verify.

                <div class="warning">
                    WARNING: Never execute a script that you downloaded from the
                    Internet without checking it first. This also holds true for this one.
                </div>
            </p>

            <h3>What The Script Does</h3>
            <p>
                The following are the steps that my script takes to verify a page's signature. It
                is written down so that you could verify a page signature even without downloading
                my script.

                <ul>
                    <li>Download the page source to "page.html"</li>
                    <li>Extract the PGP signature from the top and save it to "page.html.sig"</li>
                    <li>Replace the signature in "page.html" with "%%%SIGNED_PAGES_PGP_SIGNATURE%%%" (Without the ")</li>
                    <li>Verify using <code>gpg --verify page.html.sig page.html</code></li>
                </ul>
            </p>
        </div>
    </div>
</div>