This section of my website is devoted to PGP. I am a large fan of privacy, as well as being a bit paranoid, so I like the idea of PGP and its public key infrastructure.
Not surprisingly, I have a PGP public key. It’s key ID 026A27F2
with
fingerprint D200 5BDB FC4B B24A 9248 9F7A 4322 2D22 026A 27F2
.
It’s available from all of the OpenPGP keyservers I know of, but you can
also grab it here, if you like. (Use of my previous key, id
D8C75CF5
, is now deprecated.)
I’ve written a tutorial that covers the basics of using GPG (the GNU Privacy Guard) to create, sign, and use a PGP key. I’m not sure why, but I’ve kept around the IRC log (also HTMLified) that led to the tutorial in the first place.
A friend of mine (Mike Gurski) wrote a simple script to send and
receive keys to and from all of the keyservers at once. I made a few
changes and the result is recv-keys
.
I’ve put up a page with my keysigning policy, so people can see what criteria I use for signatures.
Finally, I have a set of tools I use to maintain a graph of my web of
trust. gpgtree_funcs
is a set of shell functions to
run everything. (They work in zsh and should also work in any
Bourne-shell-compatible shell.) Basically, they work by maintaining a
separate keyring solely for the web of trust. In order for them to work,
you’ll need gpg, perl, the previously-mentioned recv-keys script,
sig2dot.pl, and dot and neato from
graphviz. Note that,
worldwide, there is one “strong set” of keys that all have connected
signature paths. This set is (at last count) roughly 10000 keys in size.
If your key is a member of this set, these scripts will not work for you.
As they have ceased working for me. I’m trying to figure out a better
approach.