Hello. You may have just browsed on to this page at random. But it's more than likely that you were directed here by myself, quite probably in an email signature or in documentation for a program.
This page has two functions - it allows people that know about GnuPG to make an informed choice about myself and my usage of GnuPG. And it allows those who don't know what GnuPG is to learn a little about what it is and why I use it.
My GnuPG key is used to sign emails and secure communication on occasion. It also gets used to sign software, so that you can be more certain that the software hasn't been tampered with since it left me.
The fingerprint for the key is:
7C18 7186 A43D C2BC B697 44A6 4FA9 32BE F76D 995D
So that there's no mistake, that's:
SEVEN CHARLIE ONE EIGHT
SEVEN ONE EIGHT SIX
ALPHA FOUR THREE DELTA
CHARLIE TWO BETA CHARLIE
BETA SIX NINE SEVEN
FOUR FOUR ALPHA SIX
FOUR FOXTROT ALPHA NINE
THREE TWO BETA ECHO
FOXTROT SEVEN SIX DELTA
NINE NINE FIVE DELTA
If you were just coming here to verify the fingerprint, congratulations - you succeeded!
You can download my GnuPG key, or find it on the hkp://subkeys.pgp.net server.
Please note that I had an old key, which has since been revoked. If the details you see up there don't match what you expected, then please make sure that you're using the right key.
This is as good a place as any to remind you that you should be careful when signing keys.
Please feel free to sign my key, if you feel that you've verified my identity and that the key is mine. But don't sign it with an exportable signature.
Exportable signatures will follow the key if you send it on to anyone else. Effectively, you're staking your reputation on whether or not this key is valid.
That's a heck of a risk. Only people that know me should sign my key as exportable, I'd say.
You have been warned.
GnuPG - GNU Privacy Guard - allows me to digitally sign emails and files. It also allows me to encrypt emails and files so that only someone else using GnuPG can decrypt them. GnuPG is a very secure, proven technology which is relied upon by many millions of people around the world.
The signatures GnuPG generates are, mathematically speaking, unique to me. That is to say that only someone who can access my PC and then unlock my GnuPG keyring can sign anything as me. Given that only I know the password for my GnuPG keyring, that makes it unlikely that the signature can be forged.
To the best of my knowledge, in the EU, digital signatures are considered legally binding for business use. Such legislation will extend around the world in time, as other governments accept this new technology. So I'm just getting on the bandwagon early, I guess. :-)
See the GnuPG homepage for more details of how to jump on this bandwagon use this technology for yourself.
The icons above show my support for web standards. If you have your own web page(s), I recommend that you try to support web standards too.
This website is hosted by 1&1 Webhosting.
The contents of this page are copyright © Philip Storry, 2004.