diff --git a/pgp/core-devs/README.md b/pgp/core-devs/README.md index 04e15f5..3db5235 100644 --- a/pgp/core-devs/README.md +++ b/pgp/core-devs/README.md @@ -6,7 +6,16 @@ $ gpg --import pgp/core-devs/* # Verify -TODO +``` +$ gpg --verify pgp/core-devs/than/than-crypto.txt +``` + +gpg: Signature made Sat 19 Jul 2025 02:04:10 AM EDT +gpg: using EDDSA key 8B3A74890536BAD50D9376EBF1CB32F67E3302A1 +gpg: Good signature from "nopenothinghere@proton.me " [ultimate] +gpg: aka "Nope Nothing (Anonymous Planet Contact) " [ultimate] +gpg: aka "Nope Nothing (Systems Administrator) " [ultimate] +Primary key fingerprint: 8B3A 7489 0536 BAD5 0D93 76EB F1CB 32F6 7E33 02A1 ### All signing keys are signed by the Master Signing Key diff --git a/pgp/core-devs/than/than-canary.txt b/pgp/core-devs/than/than-canary.txt index 679c85f..bf08b4a 100644 --- a/pgp/core-devs/than/than-canary.txt +++ b/pgp/core-devs/than/than-canary.txt @@ -1,54 +1,51 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -Tue Jul 25 14:51:36 EDT 2023 +Sat Jul 19 02:03:40 AM EDT 2025 -I am the admin of itsnothing.net (@Unknown@ioc.exchange) and co-admin of THGTOA. -I will update this canary within 1 month. +CEH v12 | (ISC)² | Linux+ | Cisco CCNA | Security+ | PenTest+ + +Owner: My blog - https://itsnothing.net. +Admin: The Hitchhiker's Guide to Online Anonymity - https://anonymousplanet.org Latest bitcoin block hash: -00000000000000000000d9330bf8a03ce70cbe5542bddd16558693a43ea32fd3 +00000000000000000000b685887fe078cc9839294a91f8d38a3311864fc15418 -I am in complete control of all my key material. +I positively confirm I am in complete control of all my key material and domains. -All previous keys have been revoked as part of standard OPSEC key rotation procedures. -Do not encrypt communications to my old keys, I will not read them. +All previous keys have been revoked as part of standard OPSEC key rotation +procedures. Do NOT encrypt communications to my old keys, I will not read them. -The key currently published on my website https://itsnothing.net/pgp.txt with a fingerprint -of C87D87466FD205945CF10A3821AB6B6A6CB2C337, is my only PGP key for public communication. +The key currently published on +https://keyoxide.org/8B3A74890536BAD50D9376EBF1CB32F67E3302A1 with a fingerprint +of 8B3A74890536BAD50D9376EBF1CB32F67E3302A1, is my only PGP key for public +communication. It IS published on public keyservers now. Please refrain from uploading it there +(again). Someone already broke this rule. Permanent record of old and new PGP keys: -the old key was: - -pub rsa4096/0xB208C4084A2C582D 2022-11-04 [SC] [expires: 2027-11-03] - Key fingerprint = D793 9998 F78B ADB5 18C1 B600 B208 C408 4A2C 582D -uid [ultimate] Nope - -And the new key is: - -pub ed25519/0x21AB6B6A6CB2C337 2023-07-14 [SC] - Key fingerprint = C87D 8746 6FD2 0594 5CF1 0A38 21AB 6B6A 6CB2 C337 +pub ed25519/0xF1CB32F67E3302A1 2024-03-29 [SC] + Key fingerprint = 8B3A 7489 0536 BAD5 0D93 76EB F1CB 32F6 7E33 02A1 uid [ultimate] nopenothinghere@proton.me To fetch the full key, you can simply do: - gpg --keyserver keys.openpgp.org --recv-key 0x21AB6B6A6CB2C337 + gpg --keyserver keys.openpgp.org --recv-key 0xF1CB32F67E3302A1 ** - Note: this keyserver is experimental.[0] I still have yet to add this key to - the I2P keyserver pool, and I don't know if I will. If you have previously + Note: this keyserver is experimental.[0] I still have yet to add these keys + to the I2P keyserver pool, and I don't know if I will. If you have previously signed my key but did a local-only signature (lsign), you will not want to issue the following, instead you will want to use --lsign-key, and not send the signatures to the keyserver. ** - gpg --sign-key 0x21AB6B6A6CB2C337 + gpg --sign-key 0xF1CB32F67E3302A1 I'd like to receive your signatures on my key. You can either send me an e-mail with the new signatures (if you have a functional MTA on your system): - gpg --export 0x21AB6B6A6CB2C337 | gpg --encrypt -r 0x21AB6B6A6CB2C337 --armor \ + gpg --export 0xF1CB32F67E3302A1 | gpg --encrypt -r 0xF1CB32F67E3302A1 --armor \ | mail -s 'OpenPGP Signatures' Additionally, I highly recommend that you implement a mechanism to keep your key @@ -62,10 +59,9 @@ key updates with your keyring. I also highly recommend checking out the excellent Riseup GPG best practices doc, from which I stole most of the text for this transition message ;-) -https://we.riseup.net/riseuplabs+paow/openpgp-best-practices +https://riseup.net/en/security/message-security/openpgp/gpg-keys -Please let me know if you have any questions, or problems, and sorry for the -inconvenience. +Please let me know if you have any questions on how to verify. Nope (Anonymous Planet) @@ -73,8 +69,8 @@ inconvenience. 1. https://directory.fsf.org/wiki/Parcimonie -----BEGIN PGP SIGNATURE----- -iHUEARYKAB0WIQTIfYdGb9IFlFzxCjghq2tqbLLDNwUCZMAZwAAKCRAhq2tqbLLD -N3l3AQC28SZK5HHU1o7K36ifOd/OKj97urrMZF+NUkaRmAwQxgEAlIa2y9g0JoQW -epEpViXFDwyWIUfNhVaJwUWjn/DLoAI= -=A72C +iHUEARYKAB0WIQSLOnSJBTa61Q2TduvxyzL2fjMCoQUCaHs1WgAKCRDxyzL2fjMC +odrwAPsFcupXWVRha5k2BOZUvjg+nY27IG+5XM8w+IupueHVcAD7BL7MFWuJ11lb +Bqk3pSyp6hTxlSJ1lnItXwQYnGBL6AE= +=NQBO -----END PGP SIGNATURE----- diff --git a/pgp/core-devs/than/than-crypto.txt b/pgp/core-devs/than/than-crypto.txt new file mode 100644 index 0000000..bfd9af4 --- /dev/null +++ b/pgp/core-devs/than/than-crypto.txt @@ -0,0 +1,68 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +This is a signed summary of relevant cryptographic information for nopenothinghere. +The latest version of this file is always located at: + https://itsnothing.net/crypto.txt + +This information is current as of Sat Jul 19 02:11:11 AM EDT 2025. + +Contact +======= + +email: contact@anonymousplanet.org +web: https://itsnothing.net/ +irc: <{ long live relay chat! }> +matrix: <{ violently nuked from orbit }> +xmpp: <{ n/a }> + + +OpenPGP key +=========== + +pub ed25519/0xF1CB32F67E3302A1 2024-03-29 [SC] + Key fingerprint = 8B3A 7489 0536 BAD5 0D93 76EB F1CB 32F6 7E33 02A1 +uid [ultimate] nopenothinghere@proton.me +uid [ultimate] Nope Nothing (Anonymous Planet Contact) +uid [ultimate] Nope Nothing (Systems Administrator) +ssb cv25519/0x7F02B7DB19EAA7A0 2024-03-29 [E] + +The latest up to date key including signatures can be found at: + https://itsnothing.net/pgp.txt + +A positive identification of my alive status: + https://itsnothing.net/canary.txt + + +OTR fingerprints +================ + +(N/A) I no longer use Off the Record messaging. No FPs available. + + +Olm/Megolm matrix fingerprints (outdated) +========================================= + +@thehidden:tchncs.de CAKLUZIQFD 7fcn tb81 KPCH 3h4U KJvy L4H4 Zl+l khXs Fn6e O+FV DN4 +@t:netrunner-vault.de KBJYGSJBXJ 2x5P 4CAu hWyp 5L7e tDPE tbpw w0Ii Q3/l HDrI fdP+ w3E +@thehidden:tchncs.de BYODXXYSCL drPJ 4Vyl aze1 hTRt 3FhZ WnoL eoDm CZbv bBh3 uEQd Dog +@thehidden:tchncs.de PGNRTYGHKG C2Px juxp 9Jx1 k03X uHPs uEx4 WUcB AJxV ZUMf IhVp dc0 +@thehidden:tchncs.de RQTTASEWUR xzJD 899S znyU xIId uwjR GI3e lvkh fQ98 tIMO HXwu t3o +@thehidden:tchncs.de ZWJXVXSCCL gn4L Hrlf lelw WutP Jtw7 pWRa /rcg D7eN I4Q4 j/nR 1OQ + +OMEMO fingerprints (outdated) +============================= + +sharptail@disroot.org/1302208566 42F72634 2D419951 E04BCF02 9E17B0C9 DFE073C0 97E16167 0972EEC3 05FDF262 + +Session fingerprint +=================== + +053686ab7bbb2287dee2d9c1a87518ccc5c0dae76f5aa5d0b095293700c2eb730c +-----BEGIN PGP SIGNATURE----- + +iHUEARYKAB0WIQSLOnSJBTa61Q2TduvxyzL2fjMCoQUCaHs3LAAKCRDxyzL2fjMC +oY0DAQCxh0GknmrWuNL4dXOb8dPlmpi3AWTg3Gn439bp3rivEwEAnVEc+guTiOcm +gE03jaq3uSVMFWTPxx7S+XiNiwZKMQs= +=TQwt +-----END PGP SIGNATURE-----