Could you paste your pgp signature here at bitcointalk instead? Copy paste it into the opening message for example. It doesn't make much sense get it from the same website which authenticity I am trying to verify, specially over plain http.
Yes, done.
Thank you. sorry I didn't suggest this at first, but in adition to posting the key here (which greatly improves security) you could also upload it to a key server and update the tutorial to retrieve the key from a key server instead of from bitaddress.org.
It is fairly simple to do:
https://www.gnupg.org/gph/en/manual/x457.htmlAnyway. Great work, been using it even more frequently as of lately. It is my favourite way of generating addresses as I can manually enter randomness, while many other wallets and address generators rely simply on RNGs which have been attacked repeatedly. All has been great using Bitaddress+mycelium.
I have another feature request if you're up to it:
in the wallet details tab, if the entered private key is bip38 encrypted, you could show the encrypted private key in HEX format too.
Either way, big thanks and keep up.
I plan to improve the instructions for verifying the signature.
Regarding your request "show the encrypted private key in HEX format too". Can you describe the use case?
For example a use case for "Base 64" is to hide the private key data in plain sight. There might be circumstances
1) using an insecure channel
2) holding media that can be confiscated
where data could be hidden in base 64 noise. An example is putting the private key base64 encoded data into a JPEG. Then you just have to remember the beginning byte and ending byte of the private key data within the JPEG. There is plausible deniability at play here because you are not using the Bitcoin specific base 58 encoding.