Inspired by this old post from Rob Smith I have started making some changes to the blog. All of the pages are now signed using my GPG key, and can be verified by running curl https://www.brianlane.com/ | gpg --verify on the page. Rob did this by adding a plugin to Jekyll, but I’m using the Pelican static blog system for these pages, and as far as I can tell Pelican’s plugin support has no way to make sure your plugin is the final one being executed.
I am transitioning to a new GnuPG key, here is my transition statement, based on one from Simon Josefsson Here is my signed statement: - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512,SHA1 OpenPGP Key Transition Statement for Brian C. Lane I have created a new OpenPGP key and will be transitioning away from my old key. The old key has not been compromised and will continue to be valid for 30 days, but I prefer all future correspondence to be encrypted to the new key, and will be making signatures with the new key going forward.