diff options
author | Nicholas Johnson <nick@nicholasjohnson.ch> | 2023-10-20 00:00:00 +0000 |
---|---|---|
committer | Nicholas Johnson <nick@nicholasjohnson.ch> | 2023-10-20 00:00:00 +0000 |
commit | d25b7743fb26bbe4f1648048214d17da621d070beb202630c31ae044906b3ed7 (patch) | |
tree | 027fd6c53f7fd949df4c7a22e87a90dea96cb0e88dd3dfb8dc988b43213bac1a /content/entry/icannot-be-trusted.md | |
parent | b42f03332f305b08390e71ee498135e46ab6d1fe67ebcf85d9a37a666901d464 (diff) | |
download | journal-d25b7743fb26bbe4f1648048214d17da621d070beb202630c31ae044906b3ed7.tar.gz journal-d25b7743fb26bbe4f1648048214d17da621d070beb202630c31ae044906b3ed7.zip |
Use SWHIDs in Software Heritage linkssignify-signature-7
Diffstat (limited to 'content/entry/icannot-be-trusted.md')
-rw-r--r-- | content/entry/icannot-be-trusted.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/content/entry/icannot-be-trusted.md b/content/entry/icannot-be-trusted.md index 54e09f9..9d1122f 100644 --- a/content/entry/icannot-be-trusted.md +++ b/content/entry/icannot-be-trusted.md @@ -18,6 +18,6 @@ Ideally, you're accessing this journal [over](gemini://nick6gsepvtmkcpibpid6dqtq My Tor onion and I2P addresses aren't foolproof. They're hosted on a VPS, meaning my VPS provider could hijack them. Using nicholasjohnson.ch to access my journal, you have to trust both ICANN and my VPS though. So you're better off using Tor or I2P so you only need to trust one third party, not two. -Brief digression: To avoid trusting any third party, you can always [verify my journal's Git repository](https://archive.softwareheritage.org/browse/origin/directory/?branch=refs/tags/signify-signature-1&snapshot=d25282c0c441839d1ca147a90699bd2c7d986a21) with [my public Signify key](/resource/signify.pub) and a small utility called [git-signify](https://git.nicholasjohnson.ch/git-signify/). If there's any doubt the key is mine, I gave a [Libreplanet talk](https://media.libreplanet.org/u/libreplanet/m/taking-back-the-web-with-haketilo/) with my public key in the slides five months ago and I have an unbroken history of public keys going back to December of 2020 starting with my original [GPG key](/2021/12/30/statement-of-gpg-key-transition/) which I transitioned away from. +Brief digression: To avoid trusting any third party, you can always [verify my journal's Git repository](https://archive.softwareheritage.org/swh:1:rev:0990ac4365ea2e436a9d28aeefdd16ec65c27afa;visit=swh:1:snp:d25282c0c441839d1ca147a90699bd2c7d986a21) with [my public Signify key](/resource/signify.pub) and a small utility called [git-signify](https://git.nicholasjohnson.ch/git-signify/). If there's any doubt the key is mine, I gave a [Libreplanet talk](https://media.libreplanet.org/u/libreplanet/m/taking-back-the-web-with-haketilo/) with my public key in the slides five months ago and I have an unbroken history of public keys going back to December of 2020 starting with my original [GPG key](/2021/12/30/statement-of-gpg-key-transition/) which I transitioned away from. If you yourself are an online service provider, please follow my example and offer a Tor onion and/or I2P address to help resist ICANN's power. |