⚠ WARNING: Your PGP or S/MIME encrypted email may not be secure. ⚠

It is strongly recommended to turn off decryption in your email client and remove your keys from it, and to use other methods for transmitting sensitive information while this situation remains unresolved. Use GnuPG (or a similar tool) on the command line to perform offline PGP operations.

If you prefer to communicate with me via secure (encrypted or signed) email then you can do so using GnuPG or another OpenPGP implementation.

I create a new general purpose key every year. My key for 2018 has the fingerprint CC8A F1A1 142D 4663 74CC  9578 B55E 6E46 C002 4086. You may also wish to fetch my (expired) keys for 20172016, 2015, 2014, 2013, 2012 and 2011.

My key signing policy is that you must convince me:

  • If I have known you for twenty years, you have photographic ID and you can provide incontrovertible proof that you are not an impostor, then I may be prepared to sign your key with my high assurance key.
  • If I am convinced by your charm and good standing, and some basic evidence that you are really you, I will sign with my low assurance key.
  • Somewhere in between, I will use my medium assurance key.

Bear this in mind when choosing whether to trust a key based on my signature.

My identity key has the fingerprint E77B FEE3 8497 6B51 A63A  4936 D875 CB36 473C 3FAA. All of my current keys are signed by it. If you trust that I am who I claim to be, then please at least sign this one.

The following keys have been superseded and therefore revoked: my previous identity key, my previous high assurance key, my previous medium assurance key, and my previous low assurance key.

All of these keys can also be found on public keyservers.