blog: Qui

cqcallaw · Dec 20, 2020 · 0d106ec · 0d106ec
1 parent 2eb9649
commit 0d106ec
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 1 deletion.
diff --git a/content/blog/distributed-authenticity-for-web3.md b/content/blog/distributed-authenticity-for-web3.md
@@ -21,4 +21,4 @@ Serially signing many files with GnuPG is not fast, but modern CPUs have many th
 
 Armed with this knowledge, I wrote [a Python script](https://github.com/cqcallaw/www/blob/94f0dbb84fa3908acdd698d7b67071bf4f2a723b/sign.py) that generates good PGP signatures across every file on the website while fully utilizing all 16 of my CPU's threads. The result can be seen on [brainvitamins.eth](http://www.brainvitamins.eth). For any given file, a corresponding `.sig` file should exist that can be verified using [my public key](/pubkey.asc).
 
-Next step: building a browser extension to automatically verify signatures and trust pubkeys as required.
+Next step: [building a browser extension to automatically verify signatures and trust pubkeys as required](/blog/qui).
diff --git a/content/blog/qui.md b/content/blog/qui.md
@@ -0,0 +1,10 @@
+---
+title: "Qui"
+date: 2020-12-20T13:03:50-08:00
+draft: false
+tags: ['web3', 'dweb', 'security']
+---
+
+The browser extension I [discussed previously](/blog/distributed-authenticity-for-web3) is now accessible at [on GitHub](https://github.com/cqcallaw/qui). The extension won't (intentionally) leak private data, but constructive criticism and user feedback is welcome.
+
+[Handling signatures in IPLD](https://blog.ceramic.network/how-to-store-signed-and-encrypted-data-on-ipfs/) looks like a better long-term solution, but the use of PGP should be an effective stopgap while standards emerge.