This section of my website is devoted to PGP.  I am a large fan of privacy, as well as being a bit paranoid, so I like the idea of PGP and its public key infrastructure.

Not surprisingly, I have a PGP public key.  It’s key ID 026A27F2 with fingerprint D200 5BDB FC4B B24A 9248 9F7A 4322 2D22 026A 27F2.  It’s available from all of the OpenPGP keyservers I know of, but you can also grab it here, if you like.  (Use of my previous key, id D8C75CF5, is now deprecated.)

I’ve written a tutorial that covers the basics of using GPG (the GNU Privacy Guard) to create, sign, and use a PGP key.  I’m not sure why, but I’ve kept around the IRC log (also HTMLified) that led to the tutorial in the first place.

A friend of mine (Mike Gurski) wrote a simple script to send and receive keys to and from all of the keyservers at once.  I made a few changes and the result is recv-keys.

I’ve put up a page with my keysigning policy, so people can see what criteria I use for signatures.

Finally, I have a set of tools I use to maintain a graph of my web of trust.  gpgtree_funcs is a set of shell functions to run everything.  (They work in zsh and should also work in any Bourne-shell-compatible shell.)  Basically, they work by maintaining a separate keyring solely for the web of trust.  In order for them to work, you’ll need gpg, perl, the previously-mentioned recv-keys script,, and dot and neato from graphviz.  Note that, worldwide, there is one “strong set” of keys that all have connected signature paths.  This set is (at last count) roughly 10000 keys in size.  If your key is a member of this set, these scripts will not work for you.  As they have ceased working for me.  I’m trying to figure out a better approach.