PGP Keys

PGP is a technology for protecting e-mail. It allows you to do two things:

Verify that I actually sent a particular message, in an unforgeable way. The From: line in an e-mail message is very easy to fake, but PGP signatures cannot be faked unless someone steals or breaks my secure identifier.
Encrypt a message so that no one but the intended recipient can read it.

I do not regularly use PGP for encrypting my e-mail, due to poor user experience and software support. However, I can receive PGP-encrypted messages, and encourage its use for security-sensitive information. I would like to be able to support ubiquitous encryption of communication, but it’s unclear that this is a feasible goal on top of e-mail.

For more information on PGP, read my brief description. If you want PGP software, here are some popular options:

Enigmail, an extension for Mozilla Thunderbird to handle secure e-mail. This is probably the easiest to get started with on most platforms.
End-to-End is a new project to support encryption in Gmail.
GNU Privacy Guard implements the core PGP technology, and is used by many mail programs to provide PGP support (including Enigmail, and most Linux mail clients).
Claws Mail is a mail client with good PGP support (via GnuPG).
GPG4Win provides GnuPG, along with a GUI, Claws Mail, and an Outlook plugin, for Windows.

This page lists my PGP keys and their fingerprints. You should not take these fingerprints as authoritative; they are here for reference only. If you want to sign my key, ask for the fingerprints in person or via some other secure, authenticated channel. Do this even if you are viewing this page over SSL.

Active Keys

All my keys are available from public keyservers (published via http://keys.gnupg.net).

7557 2AE7 17ED 2F00 B049 619C B4B3 2975 ADC0 E31A: My primary key, managed with a smartcard. View on keys.gnupg.net.

All keys are signed with my personal key, and have signed my personal key.

I am also mdesktrand on Keybase.io.

Expired / Revoked / Obsolete Keys

Learning PGP is a process, and along the way I’ve had to revoke some keys. Some others are also obsolete, as I have lost the private key and revocation certificate. I have no reason to believe these keys are compromised — so far as I know, no one else has the private key either — but they should not be used.

2C72 9878 7AAE D8B1 5AE2 2565 0909 5304 B705 7427: My old primary personal PGP key, for md@ekstrandom.net. Expired July 20, 2017. View on keys.gnupg.net. 30B2 E071 7C75 3283 C0FD 2935 4D21 D8CF A5EA B602; My Texas State University key, associated with ekstrand@txstate.edu and m_e114@txstate.edu. Expired July 31, 2016. View on keys.gnupg.net. 8E05 369F 566E DF16 73C3 4B4D 7EA4 E178 D33C DFDE; My UMN key, associated with ekstrand@cs.umn.edu and ekstr041@umn.edu. View on keys.gnupg.net - 17E5376C — old personal key for michael@elehack.net. I revoked this key on Jan 1, 2014, to replace it with B7057427 and a new key management regime. View on keys.gnupg.net. - 78DBE585 — revoked obsolete personal key - 2507F50B — revoked obsolete school key - 1869A9D5 — obsolete personal key - A1C7338E — obsolete personal key - C1934DCC — obsolete personal key

Key Signing Policy

Key signing is a critical piece of building up Web of Trust. I am willing to sign keys whose fingerprints I have received in person, accompanied by appropriate identifying documents. If you want me to sign your key, here is the procedure I wish to follow:

We meet in person at a pre-arranged time and place. The place must be well-lit and we cannot be rushed or in a hurry.
You bring the following:
- A printed copy of your key fingerprint (the output of gpg --fingerprint, or the equivalent if you do not use GnuPG). A neat, hand-written copy is also acceptable.
- A state-issued photographic ID. Currently, I am only prepared to verify passports and U.S. drivers’ licenses.
- The user IDs you want me to sign. Each user ID must contain your legal name as printed on your photo ID, modulo character encoding differences; middle name(s) can be missing. Each PGP key can have multiple user IDs, and I will only sign the ones you ask me to.
If you are also willing to sign my key, I will bring appropriate documents to comply with reasonable key signing policy requirements. My personal business card contains the name and e-mail address of my primary UID along with my PGP key fingerprint; I would generally prefer if that (in conjunction with my U.S. passport, Texas driver’s license, or Texas State University faculty ID card) is acceptable.
I will check your photo ID against your appearance to the best of my ability, and verify that it matches the user IDs you have requested me to sign.
I will sign the printed fingerprint in your presence and take it with me.
Upon returning home, I will retrieve your key from a public key server or other designated location (it is easiest if your key is available via the http://keys.gnupg.net network).
I will e-mail the signature(s) of your key to the e-mail address in each UID I sign. The signature will be signed by my key and encrypted to your key. This will be a Level 3 signature. If you want me to sign a UID without an e-mail address, I will e-mail the signature to the e-mail addresses on the other UIDs or to an e-mail address you specify, but this will only be a Level 2 signature.

If you want me to sign your key, do not upload your private key to any online service. This includes keybase.io’s web-based crypto capabilities, even though they use client-side encryption; the threat models surrounding cryptography in browser-based JavaScript and the legal frameworks governing online services mean that it is impossible to provide sufficient confidentiality guarantees for private key material.

I recognize that the real name requirements in this policy are problematic, and are perhaps inconsistent with my overall interest in promoting robust pseudonymity on the Internet. I would like to sign pseudonymous keys, but need to determine what it means to sign such a key and how to do so securely before I am willing to do so. I welcome pointers to documents on how others have thought through the implications of psuedonymous encryption identities.

Also, the dependence on government IDs in this protocol may seem a bit odd for privacy-oriented people in the post-Snowden world. I’ve written more about why I consider government IDs to be a reasonable basis for key signing, even in the presence of potential state-level adversaries, here.

This policy is modeled off of those of Patrick Näf Moser, Daniel Roethlisberger, Marcus Frings, and the HantsLUG key signing advice.

Signing at Conferences

I am often at academic conferences, and they provide a good opportunity to swap and sign keys. If you would like me to sign your key at a conference, the same basic policy applies with a few details to make logistics easier.

I’ll happily swap keys over meals or during breaks, if there is a reasonable place to meet outside the main bustle with room to write in a notebook.
Contact me prior to the break during which you want to swap keys. This will allow me to make sure to look for you and be ready. You can contact me by Twitter, e-mail, or text. Twitter and text are the most likely to reach me quickly; if the conference has good wi-fi, I will be on Twitter regularly, but may or may not be checking my e-mail as often.
I’ll probably only have my business cards with me for a printed copy of my key fingerprint. Also, if the conference is in the United States, I will probably have my drivers’ license (issued by the state of Texas) but not my passport.
I will issue the signatures when I have returned home from the conference.
I am willing to hand-transcribe the key fingerprint into my notebook from a digital source, such as a laptop or smartphone, but this will make the key exchange take longer.