Verify My Identity
This page lets you confirm that this site and its accounts are controlled by me.
Keyoxide
https://keyoxide.org/hkp/882AAA9AF96C51FAA0CABA638F2FFA281B2921F3
Keyoxide is an open-source identity verification tool that links my PGP key to the accounts I control.
PGP Public Key
Fingerprint:
882A AA9A F96C 51FA A0CA BA63 8F2F FA28 1B29 21F3
View raw key
-----BEGIN PGP PUBLIC KEY BLOCK----- mDMEaXhFkhYJKwYBBAHaRw8BAQdA+lw58kDIw+jvGTnVELJF7Gpi07jhtGPlS5Gd cXQff460J1NoYXVuIEdhcndvb2QgPHNoYXVuLmdhcndvb2RAZ21haWwuY29tPokB LwQTFgoA1wIbAQUJCWYBgAULCQgHAgIiAgYVCgkICwIEFgIDAQIeBwIXgBYhBIgq qpr5bFH6oMq6Y48v+igbKSHzBQJqOGQpNhSAAAAAABAAHXByb29mQGFyaWFkbmUu aWRkbnM6c2hhdW5nYXJ3b29kLmNvbT90eXBlPVRYVF4UgAAAAAAQAEVwcm9vZkBh cmlhZG5lLmlkaHR0cHM6Ly9naXN0LmdpdGh1Yi5jb20vc2hhdW5nYXJ3b29kL2Q1 ZTgwZTYyMzYzYWNhZTBjYjM5YzRiYzczOWE5NmQzAAoJEI8v+igbKSHzxdoBAK8a mqS+of6P49EYNcZvQYS6K1wCrjxoTUnCSzqknau0AQC/1MKv3XxXlpD38AQOyQ30 K6g0w7O1lRbKHbZ2UOLIBrgzBGl4Ro0WCSsGAQQB2kcPAQEHQCoc0omPqGj7HiUv Y3DGwPm8gT15Vxai84QRWwPzC1+8iPUEGBYKACYWIQSIKqqa+WxR+qDKumOPL/oo Gykh8wUCaXhGjQIbAgUJCWYBgACBCRCPL/ooGykh83YgBBkWCgAdFiEE057zb16n xPlfaKsjIz4qppFhxjAFAml4Ro0ACgkQIz4qppFhxjDPKwEAi+ud71FtXJnazzhg QZEPkubLNiobrruWEHG09bfC3M8BAJFYpB7jVcF+8KSOS10AsZhOhCkKNeWasUkI Ro5jZTALalUA/2BA7NUz3Fz49LT0qR3BSldscsyLR1R61Bmn1j4dMKZWAPsE8hl1 8tkZLz1ruvO5zRIwSUlCywziqNtipZa3E+OLALg4BGl4RrYSCisGAQQBl1UBBQEB B0CxSQJobuGuhuBcf1W2XphoMyLKDHsBHBVdIv/8SbMQFAMBCAeIfgQYFgoAJhYh BIgqqpr5bFH6oMq6Y48v+igbKSHzBQJpeEa2AhsMBQkJZgGAAAoJEI8v+igbKSHz cX8BAMKCcW2J2ONEGaGYSdEq1LMtEA3pq9m2Aedxj8mv8scMAP0bsqp1Uai4BQhv Sjsz27vuiop+qbC5yZ1mm2vjuqvuCLgzBGl4RssWCSsGAQQB2kcPAQEHQBziInsy DznqTZmXcBgcAfvWPOQHk75JjXBMf3QtLNEXiH4EGBYKACYWIQSIKqqa+WxR+qDK umOPL/ooGykh8wUCaXhGywIbIAUJCWYBgAAKCRCPL/ooGykh898YAP4+RNUrSqdm scOM1RJ2OMqUx+tcxqqtr54PCdCOBPDxWAEA5HGZnO2LCy4yw6yMgYtSsw8vvoyR 24ko0xuC0dZQ+ww= =x6k+ -----END PGP PUBLIC KEY BLOCK-----
Verifying Blog Posts
Signed posts show a "Cryptographically proven to be Shaun (not a 🤖)" badge. To verify one yourself:
GPG signing requires my private key, which I will never hand over to the 🤖. An AI can generate text in my name, but only I can sign it. The signature proves that I deliberately reviewed and published this post.
# replace POST-SLUG with the post's URL slug, e.g. holy-gap-batman curl https://shaungarwood.com/source/POST-SLUG > post.mdx curl https://shaungarwood.com/signatures/POST-SLUG.asc > post.asc gpg --fetch-keys https://shaungarwood.com/pgp-key.asc gpg --verify post.asc post.mdx
A Good signature from "Shaun Garwood" response means the post hasn't been tampered with since I signed it.
The "Verify in browser" button uses an OpenPGP library served from this site — so it requires some trust in the server. For zero-trust verification, use the CLI method above with your own gpg.
DID Passport
This site publishes a W3C Decentralized Identifier (DID) document at:
shaungarwood.com/.well-known/did.json
DID: did:web:shaungarwood.com