🔐 Keys, Signatures, and Encryption
These are my most commonly used keys for encrypting and signing my work.
I usually sign my git commits with my PGP key.
I typically sign my emails with S/MIME; I can send and receive S/MIME and PGP encrypted email (PGP not available on the phone).
PGP Key
My PGP key is available over Web Key Directory (WKD), common Keyservers, and for download here. I typically use PGP for signing git commits, for encrypted email conversations, and for some other encryption tasks. I do not have access to my PGP key on my phone, so I cannot receive PGP encrypted email on the go. GitHub verifies my commits based on this key; double-check this key with the PGP keys on Github profile I am happy to participate in PGP key signing, even though this is hardly a thing anymore. The PGP public key site explains how I use this key in detail.
pub ed25519/0x09F1850D58C7ABD4 2021-03-22 [C] [expires: 2028-12-31] Key fingerprint = 1BF4 0D68 8714 93F1 04AC 3387 09F1 850D 58C7 ABD4 uid Jan Philip Bernius <janphilip@bernius.net> sub cv25519/0x2B5AEA095D0920E3 2021-03-22 [E] [expires: 2024-12-31] sub ed25519/0xC1E164F61967BFDE 2021-03-22 [S] [expires: 2024-12-31]💾 Download PGP Key (asc)
X.509 Key (S/MIME)
S/MIME is my go-to email encryption format as of the seamless client support (including mobile) and a slightly better adoption than PGP. I am using a X.509 key for email signing and encryption issued by self-signed certificate authority.
Certificate: Data: Version: 3 (0x2) Serial Number: 3d:0e:db:a6:91:6f:2e:a2:c0:ce:f0:d1:6f:39:c2:42 Signature Algorithm: ecdsa-with-SHA384 Issuer: C=DE, ST=Bavaria, L=Munich, O=Bernius Trust, CN=B20 Validity Not Before: Oct 1 02:00:00 2022 GMT Not After : Feb 1 02:00:00 2026 GMT Subject: C=DE, ST=Bavaria, L=Munich, O=Dr. Jan Philip Bernius, CN=Dr. Jan Philip Bernius Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (4096 bit) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Non Repudiation, Key Encipherment X509v3 Extended Key Usage: critical TLS Web Client Authentication, E-mail Protection X509v3 Subject Key Identifier: AE:9D:FA:51:AD:3C:0D:90:7B:C3:D8:66:BB:8B:31:7C:92:BE:D6:42 X509v3 Authority Key Identifier: CC:18:1F:2B:91:3F:E2:19:08:9B:5E:1B:B3:C8:A0:7A:3A:74:76:04 X509v3 Issuer Alternative Name: URI:https://code.bernius.net/trust/certificate-authority, email:certmaster@bernius.net Authority Information Access: CA Issuers - URI:https://code.bernius.net/trust/certificate-authority/raw/branch/trust/certs/b20.cert.pem X509v3 CRL Distribution Points: Full Name: URI:https://code.bernius.net/trust/certificate-authority/raw/branch/trust/crls/b20.crl X509v3 Subject Alternative Name: email:janphilip@bernius.net Signature Algorithm: ecdsa-with-SHA384 Signature Value: 30:65:02:31:00:a9:97:07:69:6e:6a:af:d3:75:ac:41:06:d4: 28:07:c9:e9:11:42:f4:78:ea:7b:64:06:a7:ea:0c:1e:ca:e7: 23:c0:50:c6:65:3c:87:ba:93:de:8f:35:44:7d:e0:04:70:02: 30:01:60:66:ed:d6:d3:b5:32:e6:db:09:3e:4d:82:4f:39:b1: b4:d2:39:f2:e0:6d:ff:fa:a8:83:c2:8d:e0:21:2f:11:1e:38: 0b:a1:e9:8f:f9:ab:4a:f5:c1:6e:54:32:14💾 Download X.509 Key (pem)
SSH Key
I primarily use this key for SSH access. Ocasinally, I use it also for git commit signing (mostly when I do not have access to my PGP key; or when my PGP key is expired). You can verify this key by comparing it with the SSH keys on Github profile.
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICL4W7mpbNIr7qzlHYHsrlzFcOkb02sYj5I6Gr0efKf2 Dr. Jan Philip Bernius <janphilip@bernius.net>💾 Download SSH Key
iMessage Contact Verification Key
My primary instant messenger for personal matters is iMessage.
I have iMessage Contact Key Verification enabled.
This is my Public Verification Code:
APKTIDj-vUQobNslpnPo5RyOdIdUlB-nx7aZYku09bVot--Tn0ww
Others
While I have accounts and keys for other encryption-enabled tools such as Matrix or XMPP, these channels are an edge case and I do not list these keys here (for now).
I use a different set of keys for Work related content, especially SSH and X.509 keys. My work keys are out of scope for my personal site.