Despite its shortcomings, I think PGP is still one of the better ways to verify a person’s identity. Because of this — and because I use my PGP key daily1 — I make an effort to properly secure my private key. Verifying a PGP key is a fairly straightforward process for fellow PGP users, and my hope is that anyone who does verify my key can maintain a high confidence in its signature.
However, I also use other cryptographic channels to communicate — XMPP/OTR and Signal chief among them. I consider these keys more transient than PGP. The OTR keys on my computer are backed up because it takes no effort to do so, but I have no qualms about creating new ones if I feel like it. I don’t bother to port the same keys to other devices, like my phone. My Signal key is guaranteed to change anytime I rebuild or replace my phone. Given the nature of these keys and how I handle them, I don’t expect others to put the same amount of effort into verifying their fingerprints.
The solution to this is to maintain a simple text file, signed via PGP, containing the fingerprints of my other keys. With a copy of the file and a trusted copy of my public PGP key, anyone can verify my identity on other networks or communication channels. If a key is replaced, I simply add the new fingerprint to the file, sign it and distribute. Contacts download the file, check its signature, and thus easily trust the new fingerprint without additional rigmarole.
The first examples of this that I saw were from Yan and Tom Lowenthal. I thought it seemed like a great idea and began to maintain a file with a list of examples whenever I stumbled across then, with a note that I should do that someday2.
Today I decided to stop procrastinating on this and create my own identity file. It is located at pig-monkey.com/id.txt. The file, along with the rest of this website, is in git so that changes to it may be tracked over time.
Inspired by some of the examples I had collected, I added a couple pieces of related information to the file. The section on PGP key signing should provide others some context for what it means when they see my signature on a different key. Even if no one cares, I found it useful to enunciate the policy simply to clear up my own thinking about what the different certification levels should mean. Finally, the section on key management gives others a rough idea about how I manage my key, which should help them to maintain their confidence in it. If I verify that someone’s identity and fingerprint match their key, I will have high confidence in its signature initially. But if I know that the person keeps their secret key on their daily driver machine without any additional effort to protect it, my confidence in it will degrade over time. Less so if I know that they take great care and handling in their key’s protection.
A file like this should also provide a good mechanism for creating a transition and revocation statement for my PGP key, should the need arise. One hopes that it does not.
- ↵ Realistically, I use PGP multiple times per hour when I’m on my computer.
- ↵ Since I began my list, Keybase has become a thing. It addresses a similar problem, although seems to promote using services like Twitter as the root of trust. Assuming that you want to stubbornly stick with a PGP key as the root of trust, I don’t see the advantage of using Keybase for this problem, except that it offers a centralized lookup repository.
It’s 2016, and stuffing cash in an envelope and mailing it to a small island nation is sometimes still the best way to move money with some degree of privacy.
This is not the cyberpunk dystopia I was promised.
A few weeks ago I bought a Lenovo Thinkpad X260, replacing the T430s that has been my daily driver since 2012. I’m a big fan of the simplicity, ruggedness and modularity of Thinkpads. It used to be that one of the only downsides to Thinkpads were the terrible screens, but that has been addressed by the X260’s FHD display. The high resolution let me move from the 14” display of the T430s to the 12.5” display of the X260 without feeling like I’ve lost anything, but with an obvious gain in portability. The X260 is a great machine to put Linux on, which Spark helps me to do with no effort and a minimum expenditure of time.
I have a pretty thorough setup with my every day carry. Between the level 1 items on my body and the level 2 items in my pack, I have all the tools that I think I may need. This limits the need for a bug out bag in my environment. Were I packing a bag to support running away from a disaster, it would largely duplicate what I carry every day. The difference is in shelter. Specifically, clothing.
For the past few years, I’ve kept a bug out stuff sack instead of a bug out bag. The stuff sack contains clothes, which gives me what I need to leave in a hurry regardless of what I’m currently wearing. I keep a pair of merino wool boxer briefs, merino wool long underwear, a lightweight merino wool long sleeve shirt, quick-drying nylon pants, a Buff, merino wool and nylon blend socks, and a cotton bandana. The two non-clothing items in the stuff sack are a Tru-Nord compass and a silk escape map.
The map is from SplashMaps in the UK. It is a print of the OpenStreetMap for the San Francisco bay area at 1:40000 scale.
Conspicuously absent from the contents of the stuff sack is any sort of foul-weather gear. I don’t venture outside without a hardshell jacket in my pack, even here in drought-stricken California. I also generally will have some sort of insulating layer already in my pack, making that an uncessary addition to the stuff sack.
The stuff sack I went with is a Sea To Summit 8L Big River. This is a much heavier stuff sack than any of those I use backpacking. When I was deciding on the stuff sack for this project, I knew I wanted something that I would be comfortable running outside of a pack. The 420 denier nylon on the Big River is more abrasion resistant than any of my cuben or sil-nylon stuff sacks, and the Big River also includes Hypalon lash points on either side of the bag to assist when securing it. When I’m carrying a larger pack, like the FAST Pack EDC, these points are moot since I can just toss the stuff sack into the pack on the way out the door. However, if I’m using something smaller, like the FAST Pack Litespeed, the pack may already be close to full. With the Big River I’m able to quickly and easily lash the stuff sack to the bottom of the pack, without taking time rearranging the inside of the pack in an attempt to make more room.
The stuff sack hangs on a hook on my wall, immediately next to the door. My pack and footwear stay underneath on the floor when I’m home. Keeping these items in the same spot means that I can grab them and be out the door in a short count of seconds. Also hanging in this area are my gloves and helmet, which are necessary when leaving on a bike (certainly the best bug out vehicle for a city). I also leave a hat, insulating jacket, and rain jacket hanging in this area. These items should already be in my pack, but leaving duplicates here allows me to easily grab them on my way out if needed. The last item in this area, hanging on the same hook as the stuff sack, is a small bag with documents that I may want when leaving in a hurry.
I keep a stuff sack at my desk at work with all the same things in it. Since I only have one of the silk maps from SplashMaps, the stuff sack at work instead has a few USGS quads of the area printed on glow in the dark onion skin paper. I buy these from zdw on eBay.
In his decade at the FBI, Soufan developed an expertise in al-Qadea, investigating the Kenyan embassy bombing, Jordan millennium pole, attack on the USS Cole, and the September 11th attacks. The book is a history of al-Qaeda, beginning with the Soviet invasion of Afghanistan, as well as a memoir of the author’s experience investigating the organization. It is a well-written, intriguing read that offers a different insight into familiar stories. I was inspired to read it after subscribing to the The Soufan Group‘s daily IntelBriefs and have not been disappointed.