Verified Web Pages for Extra Security
Signed Pages is a browser extension developed by Tengu that adds an extra layer of security to web pages by verifying their authenticity through PGP signatures. This extension was initially created to enhance the security of the EteSync web app. One of the main concerns with web applications is that the JavaScript code can be altered by malicious or compromised servers, potentially compromising sensitive user data.
By verifying the code using PGP signatures, Signed Pages ensures that the code originated from the developer, mitigating the risk of tampering by malicious servers. While it doesn't protect against malicious developers, it brings the security of web apps closer to that of native apps.
To use Signed Pages, simply install the extension and add patterns for the pages you want to verify, along with the corresponding publisher's public key. The web pages must be signed for the extension to work effectively.
You can test the extension using example pages provided on the extension's settings page. The extension's source code and more information can be found on the project's GitHub repository.
Icons used in the extension are based on designs by Smashicons, Eleonor Wang, and Google, all licensed under CC 3.0 BY.