TGP.SKI

canonical provenance record

The identity record for Tyler Pate — TGPSKI.

ed25519 issued 2026-07-12 signature verifies

Every domain and account I operate is claimed in a plain-text statement, signed with the key that signs my commits. Each claim below states how far it can be verified.

EBD5 FFAD 597E AEAF D2C6 9B42 1257 CF12 D9C9 3483

Each of these links back to TGP.SKI with rel="me" or publishes a DNS TXT record binding the domain to this key; GitHub also exposes the signing key through its public API.

this key appears in the account's public gpg_keys API; the profile links back here
the umbrella catalog — same host as this page, reciprocal rel="me" in the footer
local agent runtime — same host, reciprocal rel="me"
founder site — DNS TXT binds the domain to this key; the current site predates this record
agent skill registry — its manifest is signed with the key on this page
registrar 302 to this site; a DNS TXT openpgp4fpr record binds the domain to this key
registrar 302 to this site; a DNS TXT openpgp4fpr record binds the domain to this key

Asserted in the signed statement. No backlink mechanism exists for these.

the UID of the signing key — but gmail.com is not my domain: claimed, not proven
its website field points here; LinkedIn emits no rel="me", so the claim runs one way
# fetch the statement, the signature, and the key
curl -sO https://TGP.SKI/claims.txt
curl -sO https://TGP.SKI/claims.txt.asc
curl -s https://TGP.SKI/keys/tgpski.asc | gpg --import

# expect: Good signature from "TGPSKI ... <tyler.graham.pate@gmail.com>"
gpg --verify claims.txt.asc claims.txt

# cross-check the key against GitHub, independently of this site
curl -s https://api.github.com/users/TGPSKI/gpg_keys | grep 1257CF12D9C93483

# all seven domains bind to the same key via DNS TXT
dig +short TXT tgp.ski skills.tgp.ski tylerpate.com pate.sh leather.sh tgpski.com tgpski.sh | grep -i 1257CF12D9C93483
current signing key
ed25519, created 2026-06-27 — signs commits and this record
every published key, rebuilt from the files served here
RFC 9116 — contact and key locations
revocation
a compromised key gets a note under /keys/ and revocation on GitHub; a claims file that fails verification is void