-- Leo's gemini proxy
-- Connecting to ew.srht.site:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini
I wrote:
> More things to contemplate:
> * Add a public key and a signed checksums file to indirectly sign the content.
While this is definitely not needed for gemini space to operate, would it be possible to somehow /sign/ gemini files and thus document authorship? Would that be useful or worthwhile?
Clear signing with gpg and serving that file directly?
gpg --clear-sign test.gmi mv test.gmi.asc test-signed.gmi
The resulting file index.gmi.asc can be served, however it does look odd. Moreover clearsigning adds 19 lines and 882 Byte to this particular file. My posts so far average a little below 1500 byte. So adding more than half of that to each post seems wasteful. /Minimal Art/ looks different.
Now I could try this differently: How about creating a checksums file and signing that?
( cd posts && ../bin/gem-checksum.sh \
&& gpg --clear-sign --default-key 8EFF13A1E073FAAE ew.flightlog.sha512sums \
&& cp ew.flightlog.sha512sums.asc ew.flightlog.sha512sums-signed.gmi )
The larger the checksums file, the less the additional size of the signature relatively speaking.
What else would I need to supply?
The fingerprint of this key-pair
17F4 E142 922D 14E1 05C1 FE60 C678 A449 4471 20FA
The public portion of this key-pair
Somehow make the .asc files wrapped as .gmi or otherwise made more visible?
So, imho, yes, this can be done.
However: Is it useful?
-- Response ended
-- Page fetched on Fri Apr 26 00:58:48 2024