[Dshield] PGP Key Maintenance
Johannes B. Ullrich
jullrich at sans.org
Fri Jan 13 13:12:07 GMT 2006
I am going through our various keys to update them as needed, get them
properly signed and remove revoked keys over the next few days. Any old
(but still valid) keys will stay usable for now, but you may see some
new keys pop up.
The best location for all keys will be
https://isc.sans.org/PGPKEYS and https://www.dshield.org/PGPKEYS
The keys will also be uploaded to major public key servers (starting
I will make another announcement once the update is finished. If anybody
has access to a 'widely trusted' PGP key, I would appreciate any
signatures for our isc at sans.org key. Let me know if you want to arrange
The two "most important" keys will be:
isc at sans.org: 0x1F9D024D
Fingerprint: 61A5 C22B 65C0 7740 8D21 E563 BCB4 3887 1F9D 024D
jullrich at sans.org: 0xC9BFBFFD
Fingerprint: 296B 634C 9B51 C8DF E7CA 5AAC 3CDB 9761 C9BF BFFD
While I am on the topic:
I typically sign all my mail, not just "important" mail with PGP. If
your mail client does not support pgp, you may see an attachment (which
is the signature). Sadly, there are many "standards" to chose from. I
just happen to use what my e-mail client supports.
you will find PGP support available for most e-mail clients. There are
two 'main versions' of pgp:
- commericial version from www.pgp.com
- open source version (Gnu Privacy Guard, or GPG) from www.gnupg.com
A quick google search should find you a PGP plugin for your e-mail
client if its not already included.
Johannes Ullrich jullrich at sans.org
Chief Research Officer (617) 639 5000
PGP Key: https://secure.dshield.org/PGPKEYS
"We use [isc.sans.org] every day to keep on top of
security at our bank" Matt, Network Administrator.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://www.dshield.org/pipermail/list/attachments/20060113/9b9081d9/signature.bin
More information about the list