Good point.

Well, it sure prevents you from copying and pasting my formatted comment and trying to verify that. (As does my use of <em>…</em> in the previous sentence. Note, too that the 5 consecutive dashes that demarcate the signature have been turned into “—–”.)

Srijith’s plugin gets around this by providing the “raw” comment in a textarea, where you can copy and paste it for manual verification. With server-side verification, of course, you get around these problems because the server has access to the raw, unfiltered comment in the database.

I think server-side verification is important. Most people (including me) are too lazy to verify the comment manually, unless they are highly suspicious of its provenance. But I’m not averse to clicking on a link and having the server verify it for me. I won’t say I do that for every single PGP-signed comment, but I do it enough of the time that I’m pretty likely to catch any frauds. (For comments on my own blog, I get the comments mailed to me, and GPGMail bundle takes care of verifying them.)

Even better (though this would take a bit of re-architecting) would be for the server to cache the verification status, and display an icon right there in the inline comment listings.

Originally, Srijith and I decided that verifying the comment when it is first posted would create an unacceptable delay. Fetching the commenter’s public key can take some time, and posting comments in MT already requires a fair bit of page-rebuilding. Now that MT can perform such tasks in the background, perhaps that might be revisited.

WordPress, which uses dynamic pages could certainly do it that way, as there’s no constraint of verifying the comment before the page is “rebuilt”.

“Of course, the implementation won’t become widespread unless users as a whole or a vendor/developer of weblogging software includes it by default or people see its usefulness. It’s a chicken/egg problem.”

Yeah, 6A should include Srijith’s plugin with the default install (after all, it uses Ben Trott’s Crypt::OpenPGP module). And, whenever there’s an actual working version, Matt should include the OpenPGP Comment plugin with the default distribution of WordPress.

As to whether people will see the need for it, you clearly do. Matt didn’t used to, but I think he does now.

All it takes to convince someone of the need is to point them to your blog post.

But first let’s get some deployment. No point in creating a demand where there’s no supply …

Seriously though, as easy as signing and verifying MAY be (with the help of extras), until the implementation is widespread, it’s usefulness is limited as you have demonstrated here. Of course, the implementation won’t become widespread unless users as a whole or a vendor/developer of weblogging software includes it by default or people see its usefulness. It’s a chicken/egg problem.

I do wonder one thing though: Does post-submissions transformation (a la Markdown, textile, etc) hinder verification? I can’t see how it wouldn’t. There’s another problem to solve.

Jay,

I, too, use the GPGMail bundle for Mail.app too. I sign all my outgoing email (and have been doing so for almost a decade).

For signing other stuff (like blog comments), try GPGDropThing from the MacGPG project.

The real issue is not whether signing comments is easy (it is). It’s whether verifying the signatures on comments is easy. That’s what Srijith’s MovableType plugin achieves.

I’ll sign this comment just for giggles. You won’t be able to verify its authenticity until the under-development WordPress plugin actually works (and is installed on this blog).

In the meantime, you’ll have to just assume this was me.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.2.4 (Darwin)

iD8DBQFAvXKCnyqPIXpYcjcRAlm8AKDA3EjbZZ7B6RArviE7pMcxSiQoWACg+omK
NDyeMrAc5IICFuSyiyE717A=
=m4ds
—–END PGP SIGNATURE—–

Anyway, Jacques, PGP-signed comments suffer from the same problem that PGP-signed emails suffer from: poor, little or no implementation. and ease of use. Sure, the super-techies might be able to sign their own comments, but who can figure out what to do with that and what about the non-techies or even techies like me who could never figure it out? Thanks to GPGDropMail, and Mail.app, I’m now signing all of my emails, but I’ve been wanting an easy and reliable way to do that for five years and only now have I found it.

Make a dead simple integrated solution and people will use it. Until then, it’s just too difficult.

Do you still think PGP-signed comments are overkill?