Something went wrong with my gpg keychain.

Needless to say I have completely regenerated my keychain and moved the subkeys to a smartcard for increased security. New public key (fingerprint: 116D B25C A5C4 73C5 3262 BEDC 8322 D167 9829 59BF) is in the same place as always.

Now to resume the regular flow of nobody using gpg to encrypt emails to me.

Updated GPG Public Key

Just a quick note to say my GPG public key has been updated. Same fingerprint and key ID but I added an authentication subkey.

Also, I am in the process of migrating to a hardware token for increased security so my keychain will be completely regenerated at some point, once I have ironed out all the kinks and done some more research. Will keep you posted.

Cryptographic ID

A couple days ago, Peter posted about having a record of cryptographic information that folk can use to verify that he is who they think they are communicating with. I thought this was a good idea and set about creating my own record.

The idea is broadly similar to Keybase but doing it this way means I am not relying on their system for providing verification. It does mean that there is less automation involved but it should be workable for everyone who uses GPG/PGP.

For the record, my current GPG key setup is less than ideal. The private key is held on my daily use machine which is not the most secure method. I have ordered a set of smart cards and a USB reader and I will regenerate my keys to be used on them on an air-gapped computer, likely running Libreboot. When this happens, I will update the id file with my new public key fingerprint and also sign the file as before.

I fail at subkeys

My buddy Scott and myself have been trying to get his GPG system set up. Signing to him works, he can sign mails to me, I can encrypt mail to him. He can't send encrypted mails to me.

Long story short, my encryption subkey expired a few months ago. In my defence, "expires" and "expired" look bloody similar in a monospaced font on a terminal. I've extended the expiry date.
Grab my updated key here or do gpg --recv-keys BAF45865 to update.