Privacy is good. I think in a perfect world all correspondence between people who know each other would be encrypted — if only secret stuff is encrypted, then everyone knows that the message contains secret stuff. Toward that end I’m starting to build my own web of trust by making it easy for people to get my public key. If you have GPG or PGP installed, you can cut the block of text at the bottom of this page and import it into your keychain.
If your email program supports it (most will after GnuPG and its various bits are installed), you can download my key directly from pgp.mit.edu (search for my email address), then verify it with the fingerprint below. Otherwise, you can use the version at the bottom of this page. Once you import the key and verify the fingerprint, then you will be able to send me encrypted emails (the first should include your public key), and you will be able to verify my digital signature.
The fact that nothing I say is worth encrypting is beside the point. (In fact, it’s none of the Government’s or any corporation’s business that I have nothing to hide.) Lots of people who have “nothing to hide” have been hurt when their emails get out, not only because of what they say but because of how they say it. And remember, this not only helps you keep stuff secret, it prevents others from modifying your messages later and getting you in trouble.
With Google and others trending farther and farther away from the interests of their users, it’s only a matter of time until your emails are considered public, or at least the property of the host. Protect yourself. Sign all your messages and encrypt what you can.
A brief overview of the subject and a get-started guide are here. The installation instructions are for Mac, but the overview and the explanation of the web of trust apply to all platforms.
My web of trust currently has exactly two members, including myself; I have endorsed one friend’s key, and copied my endorsed version back up to the keyservers. Not so much a web as a strand of trust, I suppose. Still, at least there are two people on the planet with whom I can converse without worrying about it being used against me later. I’m hoping to expand that network. I would like to have a link I could put here to help Windows users get up and running. Any suggestions welcome.
OK, here’s my key:
No matter how you get the key, here is the fingerprint that should match when you’re done:
Fingerprint: 24B6 30B9 E22E 3655 C6C7 372E 5EDC 4546 44C8 578C
Option 1: In your email software, download the key from a keyserver like wwwkeys.pgp.net, searching on my email address.
Option 2: right-click to download this file, and import it into your keychain: