1. Signing PGP keys

    If you've recently completed a key signing party or have otherwise met up with other people and have exchanged key fingerprints and verified IDs, it's now time to sign the keys you trust.  There are several different ways of completing this task and I'll discuss two of them now.

    caff …

    read more
  2. Secure E-mail

    E-mail is inherently insecure.  Just as sending a post card, any message sent by e-mail can be read by any number of people, including those monitoring the network path, the servers that process the message along its route, or anyone with access to the distant computer.  Basically you should consider …

    read more
  3. New year, updated keys.

    GnuPG LogoI run a SKS key server and watch my daily numbers to see how many keys get updated, etc.  Being a numbers guy I wondered how many people, like me, update their GPG keys, I specifically update the expiration date and generate new encryption keys annually, at the beginning of …

    read more
  4. Expiring OpenPGP keys...

    A discussion was had on one of the Fedora IRC channels months ago about the "proper" way to handle expiring GPG keys without breaking the web of trust. It was my opinion that by generating new keys every so often (yearly?) that it would increase the security of the overall …

    read more