Every post I publish carries a PGP signature so you can be certain it really came from me. If you already use a desktop key manager like Kleopatra or the command-line version of GPG, you can grab my public key, load the text of the post, and run the usual verify command. That route gives you full control and is the gold standard for checking signatures.

For readers who would rather not install extra software, I built the quick browser-based checker below. Paste the complete signed message into the box and click Verify. The script fetches my public key straight from keys.openpgp.org, runs the OpenPGP.js verification routine right in your browser, and tells you whether the signature matches.

  • Green “Signature Verified” means that the text was signed with the private half of my PGP key. Because that private key never leaves my control, a valid signature proves the post actually came from me. Verification also confirms the content has not been altered on its journey to you. Even a single misplaced comma would break the signature and flip the indicator to red.
  • Red “Signature could not be verified” means something is wrong—either the text was altered or it never came from me in the first place.

Feel free to use whichever method fits your workflow. The important part is that you can always confirm the words you are reading are truly mine.

verified_user Verify Signed Post

Check the authenticity of any digitally signed post on HomoSapient.com

info
How to verify: Paste the complete PGP signed message below, including the "BEGIN" and "END" markers.

My Public Key: keys.openpgp.org/vks/v1/by-fingerprint/E8BD6CF322760962A5A6B25FD18C8DD71BB05748