part 1
Was digging around figuring out how to actually do the pgp method.
bit of backstory I never wrote down:
at some point in the past I made my server host my PGP key
so now a copy of it
which means I can get keyoxide to use this self-hosted PGP key with a URL like:
brings us to today
I started following
and wasn't quite sure exactly how it should look, but I found someone else's pgp key to look at.
then used
gpg --export fingerprint | gpg --list-packets
and decided it would be easy to get a TXT record for my domain like they had, and add a notation with the value:
proof@ariadne.id=dns:thebackupbox.net?type=txt
I ended up stuck at the part where I added a notation because I did the stuff in
which means I have my actual secret key on a flash-drive I never touch.
and I need it to add notations.
$ gpg --edit-key 9D8792C80AD2050BB156B989D37F0B9720A0B55B
Secret subkeys are available.

pub  ed25519/0xD37F0B9720A0B55B
     created: 2021-08-20  expires: 2031-08-18  usage: C
     trust: unknown       validity: unknown
ssb  ed25519/0xB29D7B50990E0EB6
     created: 2021-08-20  expires: 2031-08-18  usage: S
ssb  cv25519/0xA21417EA02148649
     created: 2021-08-20  expires: 2031-08-18  usage: E
ssb  ed25519/0xBFF7C81B266B6EAF
     created: 2021-08-20  expires: 2031-08-18  usage: A
[ unknown] (1). epoch@thebackupbox.net

gpg> notation
Need the secret key to do this.

gpg> quit
I guess when I get around to booting up a laptop with the flash drive my private key is on, I'll make a part 2.
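An added example, not part of the original post: a small filter for the `gpg --export fingerprint | gpg --list-packets` check used above, which pulls out `proof@ariadne.id` notations and splits a `dns:` proof into the domain and record type to look up. The function names and the embedded sample listing are constructed for illustration; only notations in hashed subpackets are accepted, because unhashed subpackets are not covered by the signature.

```python
import re
import sys
from urllib.parse import urlsplit, parse_qs

# Constructed sample of `gpg --list-packets` output for a self-signature
# carrying the notation from this post (timestamps/lengths are illustrative).
SAMPLE = """\
:signature packet: algo 22, keyid D37F0B9720A0B55B
\tversion 4, created 1629417600, md5len 0, sigclass 0x13
\thashed subpkt 33 len 21 (issuer fpr v4 9D8792C80AD2050BB156B989D37F0B9720A0B55B)
\thashed subpkt 20 len 53 (notation: proof@ariadne.id=dns:thebackupbox.net?type=txt)
\thashed subpkt 20 len 32 (notation: other@example.org=ignored)
\tsubpkt 16 len 8 (issuer key ID D37F0B9720A0B55B)
"""

# Subpacket type 20 is "notation data"; require the "hashed" marker so that
# only notations protected by the signature are considered.
NOTATION = re.compile(
    r"^\s*(?:critical )?hashed subpkt 20 len \d+ \(notation: ([^=\s]+)=(.*)\)\s*$"
)


def ariadne_proofs(listing):
    """Return the proof URIs from signed proof@ariadne.id notations."""
    proofs = []
    for line in listing.splitlines():
        m = NOTATION.match(line)
        if m and m.group(1) == "proof@ariadne.id":
            proofs.append(m.group(2))
    return proofs


def parse_dns_proof(uri):
    """Split dns:<domain>?type=txt into (domain, 'TXT'); None for other shapes."""
    parts = urlsplit(uri)
    rtype = parse_qs(parts.query).get("type", [""])[0].upper()
    if parts.scheme != "dns" or not parts.path or rtype != "TXT":
        return None
    return parts.path.lower().rstrip("."), rtype


if __name__ == "__main__":
    # Pipe real `gpg --list-packets` output in, or run bare to use the sample.
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for uri in ariadne_proofs(text):
        print(uri, "->", parse_dns_proof(uri))
```

An empty result on a real export means the notation is not on the published key yet, which is the state this post ends in.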