[wyattpeak]

Sure, but you're ignoring flaws in the security to make a stronger marketing message for your site. Yes, there is nothing you can do about this, it's not under your purview. But nevertheless you can't make so strong a claim as to say that a message can't be faked without a broken verification function. It simply can't be faked in one particular way.

If Person B published a message under Person A's name, that is, to the non-crypto world, a faked post. They're not going to be impressed by your argument that actually it isn't faked, it's real, Person B just had access to Person A's computer.

[publiush]

Again, this is a security issue and doesn't in any way reduce the proven efficacy of cryptography. It's pedantic at best, and I am going to stop replying to your comments.

Happy new year.

[wyattpeak]

That's fine, I'm not looking to debate, I'm trying to help. You're here presumably looking for input on your new project, but you're not taking any of it, and getting very defensive whenever anyone offers anything other than praise.

I'm not making a comment out of pedantry, I'm telling you how I expect this is going to be seen by regular users. People on the whole are not interested in whether or not some particular security system is theoretically perfect, they're interested in whether or not it actually provides the security that they interpret it to promise. And they will interpret your claims as meaning that messages cannot come from anyone other than the signed user, which is going to be a problem the first time that assumption fails. And it will fail, because people aren't good at keeping secrets secret.