August 23, 2019

Pretty Good Privacy

A day may come when the email of humanity fails, when we forsake our friends and break all servers in federation, but it is not this day

Just The Facts

The key is available from most keysevers, including Mailvelope

You could also, if you choose, download it from this very website : https://twilighteve.com/keys/f535aeecc57bc4eefe626871b19cd61961b5b9da.asc

Twitter?

Did you come here from my personal twitter @graymagkier ?

Rotating Encryption Key

A careful inspection of my key, which you should do before deciding to trust it, will reveal that there is a separate encryption subkey and that it expires on October 4th, 2019. The reason is primarily to provide partial forward security which is, as far as I know, not a real term anyone uses. Rotating the encryption subkey limits exposure of any one set of messages.

OpenPGP relies on trusting the endpoints of communication. That is, by sending encrypted email/files to me you trust that my computer is secure. I try my best to keep my laptop secure[1] but no security is perfect. Perhaps more than limiting exposure, rotating the encryption subkey could possibly reveal a compromise of my private key (attackers are no more infallible than those they attack).

What Does This Mean?

In short, refresh my key from the above places if you haven’t done so since the date above. The fingerprint and ID of the main key will not change when changing the encryption subkey, this is intentional because the trust is vested in the primary key and not the subkeys.

I will keep the expired subkey on the key for somewhere between 7 and 10 days after the expiry date. After that I will delete the subkey and will be unable to open messages encrypted to the expired key. This is also intentional. I will save/transfer any information that I need/want to keep but anything stored on mailservers will become unreadable, even to me, after about 70days.

Yes. This relies on you to trust me to actually delete the subkeys. There is no way around trusting the person you are sending encrypted communication. No amount of technology can prevent someone from getting the plaintext and then sending it to someone else in an insecure manner. Anyone who tells you different is selling something, and you shouldn’t buy it.

Notes

[1] My personal laptop, the computer that I store the private keys on, runs Ubuntu 19.04 and uses whole disk encryption via LUKS. The private keys are never stored on unencrypted hard-drives. The passphrase for both the hard drive and the private key is different, and each is 5+ words long and includes capital letters and numbers. Nothing is perfect, and this set up could be better. But, I consider this setup to be better than trusting a centralized entity to control private keys.


Like this? Please Share it:

© Steven Malins 2019