wowana.me

website source; use git clone git://wowana.me/wowana.me.git to clone this repository.
pgp.md (2217B)
      1 # pgp
      2 
      3 my current key is [<samp>FB02 FDAF D6C0
      4 5FE4</samp>](/pgp/0xFB02FDAFD6C05FE4.asc). use it to encrypt your
      5 messages to me, and use it to verify my signed messages.
      6 
      7 **my key is ECC-only. you must have GnuPG 2.0 or newer** or another
      8 compatible PGP program.
      9 
     10 when contacting me, **you must provide me a public key with a _valid
     11 E-mail address_** or I will ignore it.
     12 
     13 **my old key <samp>41CE 277C 721A 889E</samp> has been revoked.** you
     14 can verify this by using <kbd>gpg --refresh-keys</kbd>, <kbd>gpg
     15 --receive-keys 0x41CE277C721A889E</kbd>, or <kbd>gpg --fetch-keys
     16 https://wowana.me/pgp/0x41CE277C721A889E.asc</kbd>.
     17 
     18 I'm [keybase/opal](altnet://keybase.io/opal) as well.
     19 
     20 ## subkeys
     21 
     22 I have my master key and encryption key(s) duplicated and backed up
     23 offline. if I lose a signing or authentication key, I will just generate
     24 a new one and revoke the old.
     25 
     26 * `C ed25519/0xFB02FDAFD6C05FE4`, offline master key
     27 * `E cv25519/0x4C0D6F0D872C89C2`, [Mareep](/pages/devices.xht#mareep)
     28 * `S ed25519/0xD64AC4EF1563A64E`, [Mareep](/pages/devices.xht#mareep)
     29 * <del>`S ed25519/0xCCA79DEDC63CA163`, expired, [kanpachi](/pages/devices.xht#kanpachi.wowana.me)</del>
     30 * <del>`S ed25519/0x36F6D82A4CD82407`, revoked, unknown use</del>
     31 * `A ed25519/0xDB9E5D2DF2699CDE`, [Mareep](/pages/devices.xht#mareep)
     32 * `A rsa4096/0xF283980C907A0ACB`, [mahin](/pages/devices.xht#mahin.wowana.me), to authenticate with
     33   dropbear on [raimu](/pages/devices.xht#raimu.wowana.me) and [minits](/pages/devices.xht#minits.wowana.me)
     34 * <del>`A ed25519/0x3BB3A966C0AA790C`, revoked, unknown use</del>
     35 * <del>`A ed25519/0x1D5BC97BF7D713C1`, revoked, [kanpachi](/pages/devices.xht#kanpachi.wowana.me)</del>
     36 
     37 ## keysigning policies
     38 
     39 ### signature levels
     40 
     41 <ol>
     42 <li value="0">this key is in my ring; I trust it casually but make no
     43 formal assumption as to the key's legitimacy.</li>
     44 <li>I have reasonable belief that this identity is the keyholder's, for
     45 example by verifying on their official website or via a service such as
     46 Keybase.</li>
     47 <li>as level 1, in addition to verifying the keyholder's E-mail
     48 address.</li>
     49 <li>as level 2, in addition to verifying the keyholder's identity in
     50 person.</li>
     51 </ol>
     52 
     53 ### signing procedure
     54 
     55 dude trust me lmao