- Fetching my Public Keys
- SKS Mirror
- Signing my key
- Proof/Verification of Identity
- Signing/Trust Policy
- Signature Pushing
- Changelog/Verification of this post
- Contact Information
Fetching my Public Keys
You can fetch my key via:
gpg --recv-keys 748231EBCBD808A14F5E85D28C004C2F93481F6B
- hkp://sks.mirror.square-r00t.net (plaintext)
- hkps://sks.mirror.square-r00t.net (encrypted)
--keyserver argument to gpg, or via dirmngr:
echo 'keyserver hkps://sks.mirror.square-r00t.net' >> ~/.gnupg/dirmngr.conf gpgconf --reload dirmngr
If you would like to peer with me, please send me an email.
Make sure you include the following information:
- Subject: SKS PEER REQUEST
- Your GPG Key Fingerprint/full key ID (not long or short key ID)
- Your member line (e.g.
my.key.server.tld 11370 # Name <email> 0xYOURKEYID)
- What SKS version you’re using
- When your last full dump is from and where you got it from
- If you support IPv4, IPv6, or both
- If you support HKPS
- Your Status URL
- The number of currently loaded keys
- The geographical location of the server
- A direct contact for administrative purposes if it differs from the address the request was sent from (will not be released publicly)
Signing my key
Proof/Verification of Identity
If you are geographically far from me (and a physical meeting is unlikely) but you would like further confirmation/verification, please feel free to email me (Subject: GPG IDENTITY VERIFICATION REQUEST) to arrange a video conference to do this.
- State/Government-issued Identification (Signatures/confirmation: SIG, ASC)
- Personal Confirmation/Verification (Signatures/confirmation: SIG, ASC)
I will give exportable signatures to keys of which key owners provide proof of identification/ownership.
For keys that are not validated owned/identified, they are limited to local/non-exportable signatures only.
If you have generated a new primary key and I have signed the previous one, send me an email GPG-signed by you (using the old key) notifying me of your old key fingerprint, the new key’s fingerprint, and where the new public key can be fetched (if not attached). Trust will be granted but limited to a lower level than before until sufficient proof of ownership is given (I’ll tell you what you need for the next level if requested).
If you no longer have access to your old key, a local/non-exportable signature only will be made until further verification of identity can be provided.
I explicitly grant you permission (and encourage you) to push signatures of my key to public keyservers. I prefer https://pgp.mit.edu or hkps://hkps.pool.sks-keyservers.net (or use my own peer) but many keyservers syndicate and sync amongst each other these days, so chances are whatever public keyserver you use will be fine.
If you do NOT want me to push my signatures on your key to a keyserver, please alert me to this before I sign your key. If this is the case, I will create a non-exportable signature of your key for local use only.
I am on Keybase.io as squarer00t.
Changelog/Verification of this post
This article was originally composed on December 19, 2016. Updates: -Oct 24, 2017: Added collated contact info -Sep 07, 2017: Removed trust info (GnuPG keeps it secret, so I probably should too) -Aug 30, 2017: SKS info added -Aug 26, 2017: Signing/trust policy added -Aug 25, 2017: Include complete key ID My GPG pubkey fingerprint is: 7482 31EB CBD8 08A1 4F5E 85D2 8C00 4C2F 9348 1F6B
Detached signature of the above (ASCII text, *nix line-endings, ending with a newline character):
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEdIIx68vYCKFPXoXSjABML5NIH2sFAlnu74IACgkQjABML5NI H2vhbg/+P+W9LEuU6DsqHhR7qq9MHtvm2RfoezVohWykllCKN48D9Mr1HZqdSP2+ /nh+nCJY1ZCmGT54nVnNDnN4vSJBMiX0ZUJ0esa2ysluG0V6EtFYeYIPSf/9yUM1 HBrw8lp1qdyaspiONOOyo3hWxIfoHtaNiyjRh5QlJE5XOk+4xmXv2EIIWiqskdJb 2fOwvffdT9/e0JSd5Uqvq4CjvccbC0TnWlUM0vS61Gl0loGHQoro4xF4R3OGah9Y 5u0y/i9aeyBwfCBKBOeqtrAq0V7htDAWCDr4/vDjRQfqSatrVTVZiUhXHkP4WJij pLRWaF40mkBYmCdGt/XwT9RxsBB77SU3WDj259ArnSqBrpslCf3s7I9Y7D92lpPk JN40+x2JgYRaK4qDLEGsXiCBlTgP+GiyNJp48Eq0RnP53brIkn+EG1OOYBYBRFWf j54s40Nm5nyYbzMjpHAql131/hCJWFhTbyKAwZvoQ8ZCmyr4/bM8e6OWdeIh6cln XxIJWsbd/IwR+M/0yXTiCnoQI3jtunwL/xryGacyX54uXgxWP+HSEt400QI9CH8w SpBYiB7kCUouXXj7Ki3F4NkW3WTBgx7h4++BP9L4kn71mksBEHYY+zgJhDZxhh8x HjEmnbaVfYUJSd7/vrOCNBTkYbxc7Bk/X9ywAqQqD6AsLPO1Unk= =5Ynk -----END PGP SIGNATURE-----
If you need to contact me, please feel free to do so via: