Generate a PGP key using in-browser JS. Use that key submitted posts.

Then, later, sign either the file hashes or the public key itself using actual secure PGP. This is optional.

I'm not claiming any level of security, this is all mostly UI prototyping.