0

What's the minimal (not the entire public key) and secure enough way of sharing your PGP key in an email signature?

unor
  • 1,769
  • 1
  • 19
  • 38
Samuel Shifterovich
  • 876
  • 9
  • 18

1 Answers1

3

If you have your publick key on key servers you can only share fingerprint, a link for download your public key is good if you haven't key on key servers or even when you have on key servers because maybe not all people use same key servers.

I use fingerprint and also I have a link to my public key on my blog.

gpg --recv-key B76036EDCAF1C2806B54F51F134C62027E67BBA2

Maybe also you can use key ID and it's possible search on key servers by email and check ID, but it's better to use fingerprint.

  • @SamuelShifterovich, looking by the name or email is not safe at all (anyone could upload a key claiming that it belongs to eg. [the US president](https://sks-keyservers.net/pks/lookup?op=vindex&search=whitehouse.gov)), although better than nothing (an optimistic ciphering). Using the short keyid, the key is much better narrowed, although there might be collisions. The full fingerprint is much safer (pay attention to the hash used, too). – Ángel Jun 20 '16 at 20:50
  • @Ángel but if is a sing of email, anybody can find by email and check the ID or fingerprint, or it's possible make a key with same ID? The fingerprint is better, but if can't use it, the second better is ID. –  Jun 20 '16 at 20:53
  • @Ángel Great point. And yeah, as the fingeprint can be used for both verification and receivement of the key, it's probably the best way. – Samuel Shifterovich Jun 20 '16 at 21:01
  • @JHG I'm talking just about a signature line including your key. Just by sigining the message you are implicitly sharing your key id, but I would still explicitly list either the short or long fingerprint if expecting them to easily get my key. And in fact, I doubt many people would initially notice that the message itself was signed with a different key than the one listed by the signature. – Ángel Jun 20 '16 at 21:05
  • @Ángel short/long fingerprint? – Samuel Shifterovich Jun 20 '16 at 21:09
  • 1
    @SamuelShifterovich; JHG fingerprint is B76036EDCAF1C2806B54F51F134C62027E67BBA2, but it can be abbreviated as 7E67BBA2, which is what we call the keyid. See also http://security.stackexchange.com/questions/84280/short-openpgp-key-ids-are-insecure-how-to-configure-gnupg-to-use-long-key-ids-i – Ángel Jun 20 '16 at 21:13
  • @Ángel Oh okay. So keyid = short fingerprint. – Samuel Shifterovich Jun 20 '16 at 21:24
  • @SamuelShifterovich yes :) – Ángel Jun 20 '16 at 21:25
  • I prefer a link to a keyserver I trust. E.g. https://pgp.mit.edu/pks/lookup?op=get&search=0xB76036EDCAF1C2806B54F51F134C62027E67BBA2 It has the key id (long!) for people who want to check but is also clickable to directly get the key. – Josef Jun 21 '16 at 11:27
  • @Josef You should let *other people* (i.e. the receiver) assess what is, or isn't, a trustworthy source. For me, your MIT server isn't (weak SHA-1 signature in the site's certificate, and the MIT server is known to alter/mangle some keys). I would also NOT trust any website using a StartSSL certificate (I have my reasons). I personally prefer a simple key fingerprint, and check it myself in my personal GnuPG installation. At least your link has the long id, so that's cool. – Diti Jun 21 '16 at 12:55
  • @Diti the handful of people who don't trust the MIT server can just use the key id! – Josef Jun 21 '16 at 13:01
  • @Diti Don't know if this changed recently, but pgp.mit.edu does NOT use SHA1 – Samuel Shifterovich Aug 13 '16 at 13:15