GnuPG information

Updated November 9, 2016.

NOTE: DO NOT USE GnuPG/PGP to encrypt messages to me. Owing at least in part to recurring difficulties with email clients and pinentry, which GnuPG now relies upon for passphrase entry, I am discontinuing routine use of GnuPG to sign and/or encrypt email. Sorry Werner Koch, but you really fucked this up. Even having old version one doesn't seem to address the problems. I am now forced to discourage use of GnuPG for email. Please see this page for other secure options for contact.

Graton, June 23, 2012

Please see this page for options to contact David Benfell.

This site is protected by a StartSSL class 2 certificate. I was required to verify my identity in order to obtain this certificate, so if I am in your presence pointing you to this page, you have a high level of assurance that the following information is reliable and that the keys on this page are in fact my keys. All of my currently maintained keys are available in an attachment at the bottom of this page.

I used to routinely sign my email messages cryptographically with GnuPG. Messages sent from my smartphone may sometimes be signed with a class 2 S/MIME certificate (issued by StartSSL).

Because GnuPG/PGP signatures are intended to verify that a message actually came from a particular individual, keys are a form of identification. Therefore, in expanding a web of trust, I will only sign keys whose ownership I can verify. That generally means in person with proper identification, however this entails recognition of government authority. So it might also mean, relying just as dubiously on corporate authority, a key posted on a website protected by an SSL certificate which requires identification (class 2 or above). Further information about this can be found on my RetroShare page.

RetroShare and GnuPG users should import the key 0x25E03ED6, preferably from the attachment a the bottom of this page, and confirm that the fingerprint matches the one listed below. NOTE: I do not currently have RetroShare working as it fails to correctly recognize my existing keys. For further information, see my RetroShare page.

Please note that GnuPG defaults to relatively weak encryption. For stronger encryption, you may find my HOWTO on how to set up keys useful. I have attempted to incorporate there the best advice that I can find.

Graton, April 28, 2012 Email may be encrypted to me at benfell@parts-unknown.org, dbenfell@saybrook.edu, dbenfell@gmail.com, and other email addresses I use, using the key 0x25E03ED6:

home-sabayon% gpg --fingerprint 0x25E03ED6
pub   4096R/25E03ED6 2015-09-05
      Key fingerprint = 9561 A7C4 3040 B899 C3E8  52EE EA26 97C5 25E0 3ED6
uid       [ultimate] David Benfell <benfell@keybase.io>
uid       [ultimate] David Benfell <benfell@parts-unknown.org>
uid       [ultimate] David Benfell <benfell@cybernude.org>
uid       [ultimate] David Benfell <benfell@disunitedstates.com>
uid       [ultimate] David Benfell <benfell@disunitedstates.org>
uid       [ultimate] David Benfell <benfell@greybeard95a.com>
uid       [ultimate] David Benfell <benfell@humansci.org>
uid       [ultimate] David Benfell <benfell@humanscience.institute>
uid       [ultimate] David Benfell <benfell@n4rky.me>
uid       [ultimate] David Benfell <dbenfell@gmail.com>
uid       [ultimate] David Benfell <dbenfell@saybrook.edu>
sub   4096R/C13AE074 2015-09-05

Or, for my Android devices, key 0xC87735FB:

home-sabayon% gpg --fingerprint 0xC87735FB
pub   4096R/C87735FB 2015-09-08
      Key fingerprint = F676 F4CA 5450 2177 16DC  707F 57CA 3749 C877 35FB
uid       [  full  ] David Benfell <benfell@parts-unknown.org>
uid       [  full  ] David Benfell <benfell@n4rky.me>
uid       [  full  ] David Benfell <dbenfell@gmail.com>
uid       [  full  ] David Benfell <benfell@humansci.org>
uid       [  full  ] David Benfell <benfell@cybernude.org>
uid       [  full  ] David Benfell <dbenfell@saybrook.edu>
uid       [  full  ] David Benfell <benfell@greybeard95a.com>
uid       [  full  ] David Benfell <benfell@disunitedstates.com>
uid       [  full  ] David Benfell <benfell@disunitedstates.org>
uid       [  full  ] David Benfell <benfell@humanscience.institute>
sub   4096R/9FE94C55 2015-09-08
sub   4096R/385CC214 2015-09-08

I can sometimes decipher messages sent for the Android key on my desktop, but not vice versa. I have attempted to revoke all other keys, but have, in some cases, misplaced the private keys.

In general, mail should be sent to my benfell@parts-unknown.org address. However, I also have a gmail address (dbenfell@gmail.com) and a university address (dbenfell@saybrook.edu). I use the gmail address as a backup for when my mail server is down for any reason, for subscriptions to certain mailing lists that I may be in dire need of should my mail server be down. I rarely send mail from the university address. The gmail address is also an address that I used during a long period when I had no mail server at all.

File attachments: 

Short URL: http://greybeard95a.com/3