Cryptographic Keys

I have these public keys to announce:

GPG Keys

I do not use GPG for email. If you send me GPG-encrypted email, it is likely that I end up not reading it.

Starting from the beginning of July 2013, I intend to use the following key for code signing. (The certification key is only for key signing. There is a signing subkey for other signatures—particularly code signing.) This key is available (insecurely; you need to check the fingerprint) via DNS PKA (gpg --auto-key-locate pka).

pub   4096R/A429300434296AC0 2013-07-03
      Key fingerprint = 3E95 6FC6 CE0B CAA8 F509  D291 A429 3004 3429 6AC0
uid                          Henri Sivonen <>

Prior to July 2013, I used the following key (the certification key itself) for code signing.

pub   1024D/CEE122264BF78053 2008-02-26
      Key fingerprint = F48B 82DF CB8E C84C 5418  01FC CEE1 2226 4BF7 8053
uid                          Henri Sivonen <>

For completeness, I have a signed transition statement.

Note: Someone other than me uploaded keys with colliding short key IDs with mine (with my name and email address on them; possibly created as part of the Evil32 research, but I did not bother to check) to public key servers. Do not use short key IDs!
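The fingerprint check and the short-key-ID warning above, as an added example that is not part of the original page: a shell check that accepts a key listing only when the primary key's full 40-hex-digit fingerprint equals the pinned one. The function names and both sample listings are constructed for illustration; they have the shape of `gpg --with-colons --fingerprint` output, and the look-alike fingerprint is made up so that it shares the short ID 34296AC0.

```shell
#!/bin/sh
# Pinned value: the full fingerprint of the 2013 key as printed on this page.
PINNED='3E95 6FC6 CE0B CAA8 F509  D291 A429 3004 3429 6AC0'

# Constructed listings in gpg colon format (field 10 of "fpr" is the fingerprint).
# GENUINE uses the page's fingerprint; LOOKALIKE is invented, same last 8 digits.
GENUINE='pub:-:4096:1:A429300434296AC0:1372809600:::-:::c:
fpr:::::::::3E956FC6CE0BCAA8F509D291A429300434296AC0:'
LOOKALIKE='pub:-:4096:1:6666777734296AC0:1372809600:::-:::c:
fpr:::::::::0000111122223333444455556666777734296AC0:'

# Strip whitespace and uppercase, so a human-formatted fingerprint can be pinned.
norm_fpr() { printf '%s' "$1" | tr -d ' \t\n' | tr 'a-f' 'A-F'; }

# Print the fingerprint of every primary key: the fpr record that directly
# follows a pub record (fpr records after sub records are subkeys, skipped).
primary_fprs() {
  awk -F: '$1 == "pub" { want = 1; next }
           $1 == "fpr" { if (want) print $10; want = 0 }'
}

# Short key ID (last 8 hex digits) of each primary key, shown only to
# illustrate the collision; it is never used for the trust decision.
short_ids() { primary_fprs | awk '{ print substr($0, length($0) - 7) }'; }

# check_listing LISTING PIN
#   0 = exactly one primary key and its full fingerprint equals PIN
#   1 = mismatch, no key, or more than one primary key in the listing
#   2 = PIN is not a full 40-digit fingerprint (short/long key IDs refused)
check_listing() {
  want=$(norm_fpr "$2")
  [ "${#want}" -eq 40 ] || return 2
  got=$(printf '%s\n' "$1" | primary_fprs)
  # Several primary keys yield a multi-line string, which cannot equal the pin.
  [ "$got" = "$want" ]
}

check_listing "$GENUINE" "$PINNED" && echo "genuine: full fingerprint matches"
check_listing "$LOOKALIKE" "$PINNED" || echo "look-alike: rejected, same short ID"
```

For a real key, the first argument would be the output of `gpg --with-colons --fingerprint` for the key just fetched.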


For authorizing me for SSH access: SSH public key (GPG signature)