Short version: you probably want 0x35F36FFACBECCA80 (RSA) and 0xE9284A604B202EF3 (ECC).

Long version: I have two parallel sets (ECC and RSA) of three keys in active use and one obsolete key in the process of being retired, as described below:

For personal correspondence:

Use 0xE9284A604B202EF3 (ECC); fingerprint is 2D7F 0064 F6B6 7321 0844 A96D E928 4A60 4B20 2EF3. If your PGP doesn't have ECC support yet, use 0x35F36FFACBECCA80 (RSA); fingerprint is 7895 9F53 C6D1 2AFD 6344 AF6D 35F3 6FFA CBEC CA80.

For Tor Project purposes:

Use 0xA4FFBC34F01DD536 (ECC); fingerprint is BDF5 F867 8A52 4E4A BECF DE79 A4FF BC34 F01D D536. If your PGP doesn't have ECC support yet, use 0x419113D9D0CFBDA5 (RSA); fingerprint is 3611 95A4 0740 ED1B 7EA5 DF7E 4191 13D9 D0CF BDA5.

Key-signing and long-term identity key:

Use 0x34E9268689A14A72 (ECC); fingerprint is 3720 33FC 6838 ED0F EE95 6B44 34E9 2686 89A1 4A72. If your PGP doesn't have ECC support yet, use 0xAD74D25DBFF6CDD0 (RSA); fingerprint is B7BF 4968 AF00 DB09 CB88 57A7 AD74 D25D BFF6 CDD0. If I sign your key, these are what I will use; furthermore, any key not signed by these keys is not mine. If you sign my key, you should sign both of these, and some subset of {0xE9284A604B202EF3, 0x35F36FFACBECCA80, 0xE9284A604B202EF3, 0x419113D9D0CFBDA5} depending on which UIDs you mean to sign.

0xAD74D25DBFF6CDD0 and 0x34E9268689A14A72 also have encryption and signing subkeys which are stored offline and which may be used for particularly sensitive purposes.

Old deprecated key:

From 2007 to 2012, I used 0xD1D8B7B16BFEF7CE; fingerprint B593 78C9 DDEB 2DFE 2E29 FF59 D1D8 B7B1 6BFE F7CE. This key should not be used for new correspondence and will expire on 2015-09-14.

Back to main page.