Friday, May 28, 2004

OpenGPG Commenting for WordPress

It seems as if someone by the name of Christoph Rummel has already gotten down to work on adding support for PGP-signed comments to WordPress. All to the good, I say - for one thing, this shows that there's more interest in the notion of identity-verification via public-key cryptosystems than one might have feared. For another, it potentially saves me a lot of effort; having never been the sort to reinvent the wheel if I can help it, I'd much rather build on Mr. Rummel's work than start from scratch.

One very important piece of functionality that I would like to add to this plugin is automatic fetching of public keys, and their subsequent use in verifying signed comments. Ideally, comment verification should be done server-side, with the option left to the reader to carry out client-side verification of the raw data as well; anything less than this, and the likelihood is that most people won't bother. Still, it would be petty to cavil too much at such an early date, and Christoph Rummel's plugin does at least deal with the aesthetic factor that's given so much cause for opposition to PGP-signing on the part of some.