We’ve switched between a few hosts for our website and we’re finally settling on a solution that should be good for everyone. ModernTLD.com and this new news blog are now hosted on GitHub using GitHub Pages and behind CloudFlare.

This move offers a few advantages over the old system:

  1. Reliability and Independence in hosting
  2. Easy editing and distribution
  3. Transparency
  4. Integrity and Trust

Are you really independent if you’re reliant on GitHub Pages? This is really a technicality when it comes down to it, we could trivially git push to another infrastructure if we ever had any problems with GitHub itself. It’s far and away easier to transfer a Jekyll site to another host than a WordPress blog.

This system also allows me to edit the blog as easily as editing a Markdown file (and indeed, all the posts can be found here in Markdown form. And because of the Git based nature of this site, mirrors and distributions can be easily made to make the site more accessible and long lasting than it otherwise would be.

Additionally, this system allows a form of verification that every commit was created by myself, in a manner that a hacker could not reproduce. More on that below.

Integrity Protection

End-to-end integrity protection of any distributed information (code, documents, etc) is an extremely important aspect in the digital world, unfortunately way too often ignored by the industry today. - Joanna Rutkowska, Qubes OS Lead Dev

Now that GPG technology has been implemented in both GitHub and Git, it’s easy to independently verify anything posted to our website or this blog were indeed sent and signed by myself or an authorized ModernTLD volunteer.

[Update 2/8]: GPG key information for all ModernTLD members is available at blog.moderntld.com/keys/.

With those three seperate methods of verification, you will be able to assure the commits posted to this blog, and the commits posted to moderntld.com are from who they claim they are.

Thanks to GitHub Pages and CloudFlare (which provides SSL, caching, speed improvements, and additional reliability), our websites should be more robust against downtime and attacks, and more transparent and open, aligned with the nature of our project.