Private Key Security
Different subkeys for different purposes are placed in separate networkless VMs in Qubes OS and are used via the Split GPG architecture. The master key, however, is stored on a separate air-gapped computer.
The keys in this page are subkeys of the following master signing key:
pub rsa8192 2017-01-21 [C] B57E7237B211419C35C4AF5BEB4D3264A31873CB uid [ unknown] WillyPillow (https://blog.nerde.pw/) <email@example.com>
Note that you should verify this fingerprint through other channels, e.g. my diaspora* profile, email signatures on the Qubes OS mailing list (qubes-users and qubes-devel), since it’s possible that this repo was falsified.
Blog/Code Signing Key
The following key is used to sign this blog and other code repos.
sub 4096R/B1E9DB2F 2017-01-21 Key fingerprint = 6DF4 7924 CDE6 6924 4E52 3286 F8B2 64E1 B1E9 DB2F
For the reason for the lack of expiration date, see Joanna Rutkowska’s Blog for more information.
Email Encryption Keys
The following keys are used for email communication:
sub 4096R/A5080F4E 2017-01-22 [expires: 2018-01-22] Key fingerprint = C775 4AF1 B865 CE73 315A 2936 A419 9834 A508 0F4E sub 4096R/0D7D2EFE 2017-01-22 [expires: 2018-01-22] Key fingerprint = 5B8A 9A22 487B D9D8 264C 0EA3 904E 12B6 0D7D 2EFE