Fetching my Public Keys
You can fetch my key via:
gpg --recv-keys 748231EBCBD808A14F5E85D28C004C2F93481F6B
Alternatively, if you prefer importing manually/not to use a keyserver, then you can find my pubkeys in ASCII-armored and binary formats.
Additionally, I run an SKS server found at https://sks.mirror.square-r00t.net (stats) – to use with GnuPG, you can use the following:
- hkp://sks.mirror.square-r00t.net (plaintext)
- hkps://sks.mirror.square-r00t.net (encrypted)
--keyserver argument to gpg, or via dirmngr:
echo 'keyserver hkps://sks.mirror.square-r00t.net' >> ~/.gnupg/dirmngr.conf
gpgconf --reload dirmngr
Please contact me if you encounter any issues. It is, however, also included in the SKS mirror pool.
If you would like to peer with me, please send me an email.
Make sure you include the following information:
- Subject: SKS PEER REQUEST
- Your GPG Key Fingerprint/full key ID (not long or short key ID)
- Your member line (e.g.
my.key.server.tld 11370 # Name <email> 0xYOURKEYID)
- What SKS version you’re using
- When your last full dump is from and where you got it from
- If you support IPv4, IPv6, or both
- If you support HKPS
- Your Status URL
- The number of currently loaded keys
- The geographical location of the server
- A direct contact for administrative purposes if it differs from the address the request was sent from (will not be released publicly)
Signing my key
Once imported, you can then sign my key (alternate reference) and verify any signatures I have made. Please see Signature Pushing.
Proof/Verification of Identity
If you are geographically far from me (and a physical meeting is unlikely) but you would like further confirmation/verification, please feel free to email me (Subject: GPG IDENTITY VERIFICATION REQUEST) to arrange a video conference to do this.
I will give exportable signatures to keys of which key owners provide proof of identification/ownership.
For keys that are not validated owned/identified, they are limited to local/non-exportable signatures only.
If you have generated a new primary key and I have signed the previous one, send me an email GPG-signed by you (using the old key) notifying me of your old key fingerprint, the new key’s fingerprint, and where the new public key can be fetched (if not attached). Trust will be granted but limited to a lower level than before until sufficient proof of ownership is given (I’ll tell you what you need for the next level if requested).
If you no longer have access to your old key, a local/non-exportable signature only will be made until further verification of identity can be provided.
I explicitly grant you permission (and encourage you) to push signatures of my key to public keyservers. I prefer https://pgp.mit.edu or hkps://hkps.pool.sks-keyservers.net (or use my own peer) but many keyservers syndicate and sync amongst each other these days, so chances are whatever public keyserver you use will be fine.
If you do NOT want me to push my signatures on your key to a keyserver, please alert me to this before I sign your key. If this is the case, I will create a non-exportable signature of your key for local use only.
I am on Keybase.io as squarer00t.
Changelog/Verification of this post
This article was originally composed on December 19, 2016.
-Oct 24, 2017: Added collated contact info
-Sep 07, 2017: Removed trust info (GnuPG keeps it secret, so I probably should too)
-Aug 30, 2017: SKS info added
-Aug 26, 2017: Signing/trust policy added
-Aug 25, 2017: Include complete key ID
My GPG pubkey fingerprint is:
7482 31EB CBD8 08A1 4F5E 85D2 8C00 4C2F 9348 1F6B
Detached signature of the above (ASCII text, *nix line-endings, ending with a newline character):
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
If you need to contact me, please feel free to do so via: