💾 Archived View for gemini.circumlunar.space › ~ew › 2020 › 20201217-towards-a-proper-flightlog-4.gm… captured on 2022-01-08 at 14:37:56. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2021-12-03)

➡️ Next capture (2024-06-20)

-=-=-=-=-=-=-

2020-12-17

Towards a proper FlightLog 4 -- Experiment with gpg-Signatures

tags: flightlog gnupg

I wrote:

More things to contemplate:
* Add a public key and a signed checksums file to indirectly sign the content.

Clearsigning a .gmi file

While this is definitely not needed for gemini space to operate, would it be possible to somehow /sign/ gemini files and thus document authorship? Would that be useful or worthwhile?

small test input file

Clear signing with gpg and serving that file directly?

  gpg --clear-sign test.gmi
  mv test.gmi.asc test-signed.gmi

small test input file, signed

The resulting file index.gmi.asc can be served, however it does look odd. Moreover clearsigning adds 19 lines and 882 Byte to this particular file. My posts so far average a little below 1500 byte. So adding more than half of that to each post seems wasteful. /Minimal Art/ looks different.

Clearsigning a generated checksums file?

Now I could try this differently: How about creating a checksums file and signing that?

  ( cd posts && ../bin/gem-checksum.sh \
             && gpg --clear-sign --default-key 8EFF13A1E073FAAE ew.flightlog.sha512sums \
             && cp ew.flightlog.sha512sums.asc ew.flightlog.sha512sums-signed.gmi )

/~ew/file/20201217-ew.flightlog.sha512sums-signed.gmi

The larger the checksums file, the less the additional size of the signature relatively speaking.

What else would I need to supply?

17F4 E142 922D 14E1 05C1 FE60 C678 A449 4471 20FA

/~ew/ew.gemini.asc

So, imho, yes, this can be done.

However: Is it useful?

Home