Skip to content

Instantly share code, notes, and snippets.

@Rspigler
Created July 4, 2020 00:28
Show Gist options
  • Save Rspigler/7b71479bbfc48856aa1c4d3b471f113e to your computer and use it in GitHub Desktop.
Save Rspigler/7b71479bbfc48856aa1c4d3b471f113e to your computer and use it in GitHub Desktop.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
I have a master private key (Certify Only) stored in Vault, separate Encryption and Sign secrete_subkeys generated in Vault and stored in networkless work-gpg. All public keys stored in a separate AppVM (GPG_Process) for 'qubes-gpg-client' command to access the work-gpg VM via the Split GPG protocol. 3rd party Public Keys are stored in work-gpg using 'qubes-gpg-import-key' through a DispVM.
My new public key fingerprint is:
BF0D 3C08 A439 5AC6 11C1 5395 B70B 4A77 F850 548F
Unfortunately, I cannot sign this key with my past PGP key, as I revoked it prior to writing this message (I know, dumb). You can find all prior (revoked) keys on any keyserver, as well as this new, secured key on a keyserver as well. 1 prior key is not revoked, as it was generated in 2015, long before I knew what I was doing, and is long lost.
This key is also posted on my twitter account, and a message explaining the situation here:
https://twitter.com/RobertSpigler/status/1279204032884682752
The Qubes mailing list where users helped me troubleshoot this new key process can be read here:
https://groups.google.com/forum/#!topic/qubes-users/JE6pK-M3V3M
Always remember that you should verify a key by obtaining fingerprints of the key from multiple independent sources.
This message is signed by my new key.
Robert Spigler
RobertSpigler@ProtonMail.ch
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEf4WKHNGE9pWzsby0UsewL8eQ8/AFAl7/y+gACgkQUsewL8eQ
8/BEVw//cr9q8AETnQYMoJxK7NUZZMRzlmpXEVrt4YC/qykc9LZsWqjmoCU0o0RA
fbx3wrwglxroRBoJLAbnqvF8rgBykhsDxyvEeQAz3uFdF5mwMVEyPPxlWh2tQMHB
bxjZPPvv/sMuFzeIeOLkBxMkmkD7SWcEMT7ekV5ups8ewKqQzq3ED4FXa8QVUANx
P9qoZFrlff1PsPA9O4EaR1kazu5KmEspC44nIzq99xyIcCaxxezY7gToA0RxlmL8
hDi8Xt6QYU9I6MLwzAB8mpOoE276PwBAEY9FNWFJv1ZcGKE7HTzgL3gdEpUwtLto
qjN8NBkip0paXvp34ccdE7xUJtWrsThEPdGkvMo+IcTVnQn7/6klgygHJasqmh53
dDd8Pu9zgJfHrTPRr6mwtCqSWlWQkwJwcvCcd6oaexZZF8NWcpoGbRTqBkEvxQ9k
KEx/rXrOWkrOOsljqDCP51xv+cQeYlwtXbTRP/yt1ZvgAhBSCJhEDj25AWhUv2C+
j0wgaJNzAt+Z7i6SGOcNQK+blnJ6fBzKn40L6xpNfHTUwdRMU77wjwgl38hBOYhH
aRQDMiyzfPZ5iWwR71kbx5g/XnBWRizNGGHrFbULB2I7FmU3xTuHEWwNOCzrEj+3
3tsUr5YuhxZvRF5RD3ZZfwKAxMqMKbV1/PVdch2PtxGyWOPMdlc=
=/35v
-----END PGP SIGNATURE-----
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment