plugin-icon

Signed Posts

Door Marc Armengou·
Signed Posts allows authors to sign posts, assuring content integrity. Signature verification proves post-signing alteration hasn't occurred.
did
openpgp
security
Waardering
Een beoordeling toevoegen
Versie
0.4
Laatst bijgewerkt
Oct 9, 2025

Signed Posts allows authors to sign posts, assuring content integrity. Signature verification proves post-signing alteration hasn’t occurred.

Features:

  • In-browser verification: The signature verification is done on the client side (in the visitor’s browser).
  • Methods: OpenPGP (ASCII-armored detached signature) and DID (did:key, did:web) using Ed25519 detached JWS (b64=false).
  • Source of trust: For OpenPGP, the author specifies the URL of their public key in their profile. For DID, the author sets their DID (did:key or did:web). For did:web, the plugin fetches https://<host>/.well-known/did.json.
  • Status block: An informative block is automatically added to the end of each signed article, showing the verification status (valid, invalid, or error).
  • Author badge: The author name in posts is enhanced with an icon and KeyID/fingerprint text.

Source Code and Libraries

OpenPGP.js * Version: 6.2.2 * License: LGPL-3.0-or-later * Public Source Code: https://github.com/openpgpjs/openpgpjs

Web Crypto API * Used to verify Ed25519 signatures for DID.

Gratisop Business abonnement
Aan de slag
Door te installeren, ga je akkoord met de Servicevoorwaarden van WordPress.com en de voorwaarden voor plugins van derden.
Getest tot
WordPress 6.8.3
Deze plugin kan worden gedownload, zodat je hem op je kan gebruiken.
Downloaden