Links
Sourcecode
GitHub
GitLab
I’ve deprecated Github and Gitlab. My projects now live on SourceHut
Contact me
The easiest way to reach me is probably Matrix where I
go by the handle @moritz:poldrack.dev. You can also email me
using the email from the homepage. (just sed -e 's/^@//' -e 's/:/@/'
)
Keys
My personal PGP-Key
Download Download (OpenPGP.org)
Fingerprint: 190A 7434 36A7 7032 B4E1 7C9F 47DF 8FD1 598E 633F
Release signing key
Current version: v1
Releases are signed using BSD’s signify
-tool and can be
validated using the same.
# download the correct signing key for the release and it's pgp signature
$key_version=$(grep -aP 'release-key.v\d+.pub' -o1 < website.tgz)
curl -O "https://moritz.sh/release-keys/$key_version{,.gpg}"
# verify the pgp signature. This will _always_ use my latest key
gpg --import <(curl https://moritz.sh/pgp-key.txt)
gpg --verify $key_version.gpg
# extract the tarball
signify -Vz -t arc -p $key_version < <project>-<version>.tgz | tar xvzf -
How are Windows programs signed?
Since they are not packed in gzip, the embedded signature doesn’t work. The signature will instead be in an extra file inside the zip-file. Not that I expect the average Windows user to even care.
Do you know better? Have a comment? Great! Let me know by sending an email to ~mpldr/public-inbox@lists.sr.ht
If you feel like it, you can , or .
Unless stated otherwise the texts of this website are released under CC-BY and code-snippets are released into the public domain.
© Moritz Poldrack