Follow
There certainly is OpenPGP.js so all that can be now done fully client-side, the problem is web-of-trust. If you aren't 100% sure the page is genuine and the PGP key used to verify is genuine, you can't be really sure. This is very complex problem if you consider all real-world factors, so not only technical but also usability and human factor...