The following is the public key for my public identity via Gmail. To make use of it, you will want to have GnuPG installed.

PGP key From October 2021 to present.

PGP key From March 2019 to October 2021.

This key is used for signing and/or encrypting documents, like email messages or ordinary files. It is also used with GitHub to sign code commits for some projects.

Using My Key

You can download my current PGP key from the key server keys.openpgp.org. If you do not have access to a keyserver, you can download the PGP public key file from this site.

Once you have the key file perform the following command:

$ gpg --import /assets/keys/644CF77829C7C3BB5B868DC896A0664B9D482667.asc

Please feel free to sign my key, if you feel that you’ve verified my identity and that the key is mine. But don’t sign it with an exportable signature.

Why Use PGP?

PGP (Pretty Good Privacy) allows me to digitally sign, or even encrypt, emails or files. Signed emails or files means that you can be sure it is I who sent them. Encrypted emails and files means that only someone using the proper PGP key can decrypt them.

Only someone who can access my computer and then unlock my PGP keyring can sign anything as me. But given that only I know the password for my PGP keyring, it is rather unlikely that my signature be forged.

I use OpenPGP via GnuPG. On macos I use GPG Suite via Homebrew (packages gpg, gpg-suite-no-mail, gpg-suite-pinentry).

Personal Identity

For my personal identity I use ProtonMail (as well as the excellent ProtonVPN).

PGP key