If you receive a digitally signed message from me, or from someone who claims to be me, this page will guide you to check whether the signature is valid or not.
Need to send me an encrypted message instead? visit the Encrypt Page.
The following is how a digitally signed message looks like. You can use it to test the signature verification systems described below.
-----BEGIN PGP SIGNED MESSAGE-----
hello, i am Lorenzo Faletra, trust whatever i say in this message
only if this signature is either valid and generated with my key.
also make sure this message was originally intended for you
and it has not been re-used on a different context to fool you.
consider my signatures valid only if applied on messages
containing explicit reference to their context to prevent
signature-reuse of short and generic messages.
this specific message is a sample that i made for my personal website
and, unless i change it, you should find the original content here
every other use of this message should be considered invalid and suspicious.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
Method 1: Keybase
Keybase is the easiest platform to make cryptography accessible to everyone. With keybase you can encrypt and decrypt messages using open protocols.
You can use the keybase website to check whether my digital signature is valid or not.
DOWNSIDES (for those who care): The website is hosted on Amazon AWS and the backend is not open source.
Method 2: GPG
GNU Privacy Guard is the most advanced secure communication and signature software available, and uses the PGP standard, which is what i personally trust the most.
DOWNSIDES: It is very hard to use if your are not a techie