[[!meta title="OpenPGP keys"]] Tails developers maintain several OpenPGP key pairs. [[!toc levels=2]] Mailing-list key ================ Purpose ------- ### Encryption This key has an encryption subkey. Please use it to encrypt email sent to the core developers encrypted mailing-list: . ### Signature This key also has the capability to sign and certify. Until Tails 0.5 and 0.6~rc3, released images were signed by this key. This purpose is now deprecated: further releases will be signed by a dedicated, safer signing key. As of 2010 October 7th, our mailing-list key signature only means our mailing-list software checked the signed content was originally OpenPGP-signed by a Tails core developer. Policy ------ The secret key material and its passphrase are stored on the server that runs our encrypted mailing-list software and on systems managed by core Tails developers. This means people other than Tails developers are in a position to use this secret key. Tails developers trust these people enough to rely on them for running our encrypted mailing-list, but still: this key pair is managed in a less safe way than our signing key. Key details ----------- pub 4096R/F93E735F 2009-08-14 Tails developers (Schleuder mailing-list) Key fingerprint = 09F6 BC8F EEC9 D8EE 005D BAA4 1D29 75ED F93E 735F uid Amnesia uid T(A)ILS developers (Schleuder mailing-list) sub 4096R/E89382EB 2009-08-14 [expires: 2014-08-13] How to get the public key? -------------------------- There are multiple ways to get this OpenPGP public key: - download it from this website: [[!tails_website amnesia.asc]] - fetch it from your favourite keyserver - send an email to . Signing key =========== Purpose ------- This key only has the capability to sign and certify: it has no encryption subkey. Its only purpose is: - to sign Tails released images (starting with 0.6) - to certify other cryptographic public keys needed for Tails development. Policy ------ The secret key material will never be stored on an online server or on systems managed by anyone else than Tails core developers. Key details ----------- pub 4096R/BE2CD9C1 2010-10-07 [expires: 2012-10-06] Key fingerprint = 0D24 B36A A9A2 A651 7878 7645 1202 821C BE2C D9C1 uid Tails developers (signing key) uid T(A)ILS developers (signing key) How to get the public key? -------------------------- There are multiple ways to get this OpenPGP public key: - download it from this website: [[!tails_website tails-signing.key]] - fetch it from your favourite keyserver. FIXME: Mention that downloading the key again can fetch new or updated signatures.