the solution is right here. You can view these forums without logging in or authenticating. So post your public GPG key. Now come back. Is the key still yours? Yup! So long as the attacker in the middle cannot determine when to MITM from when not to, you can always detect pretty quickly if MITM is happening. At worst they MITM some small percentage of the time, so you don't pick up on it but they still pwn some people. You could make a script that constantly loads the forum post you put your public gpg key in via Tor and see if it ever changes. I have long been a proponent of defeating MITM attacks with anonymity and non-authenticated middles .