Luca Saiu — public keys

I value privacy and encourage everyone's use of strong cryptography for private communication.


Visit cards

Of course you have no particular reason to trust the information you read on this site over an HTTP connection, or even over HTTPS unless you trust my certificate. If we meet in person you can ask me for one of my visit cards, containing a printed copy of my GPG key fingerprint; I always carry a few cards in my wallet.

Starting from late August 2016 every card also includes an SHA256 fingerprint of the X.509 certificate used on this server. If you have an older version with only the GPG fingerprint the best you can do is to ask me for a copy of the certificate information; I will send it to you by GPG-signed email.

My visit cards now have an "updated" date. The current version is dated 2016-08-24, but includes the correct fingerprint for the certificate activated the next day, on 2016-08-25. In hindsight I should have just printed "2016-08-25".


My server X.509 certificate

For the layperson: this information lets you check that the machine you are connecting to is actually my server, rather than some machine belonging to an impostor who wishes to eavesdrop on your traffic.


Why my certificate is self-signed

My certificate is self-signed and I do not plan to ever submit it to a certification authority, as I see no particular reason to trust any entity to guarantee the authenticity of third-party keys; on the other hand the reasons to distrust them abound, as shown for example in this hilarious Mozilla bug report highlighting the inherent conflict of interest of commercial enterprises engaged in this activity, particularly after they become well established. The current political climate makes the argument even stronger, considering that most authorities are based in the US. Even authorities not suspected of any wrongdoing might well engage in the same practices as the famous ones you are thinking about now: US gag laws make it impossible for the public to know, which puts the last nail in the coffin of the credibility of CAs.

Certificates are important, and they should never be accepted blindly: when you accept a certificate tentatively, you should consider the entire exchange to be potentially spied on and tampered with while it happens; in other words the connection is to be treated as no more secure than an unencrypted one. In order to convince yourself that the server you are connected to actually is what it claims to be, you'll have to do your due diligence; and no, this activity cannot be simplified down to the level of the typical Apple fanboy who only understands graphical user interfaces.

If you want to see the authentic fingerprint of my server certificate you can ask me for a visit card, as explained above. You are also welcome to request a copy of the information by GPG-signed email, if you have reason to trust my GPG key — for example my GPG key may have been signed by enough people you know and who can attest that I care about security.


Certification Authorities providing certificates for free

Since a few people asked I clarify that my statements in the previous section also apply to Let's Encrypt, which doesn't magically become trustworthy thanks to its non-profit status. It may very well be run by completely honest people, as some of the commercial entities might be as well; the point is that we, the public, do not have any reason to grant them confidence. We should also keep in mind that the Internet Security Research Group is US-based.

CACert.org issues (gratis) certificates supposedly made credible by a Web of Trust; I have to look into its activity in more detail, but as far as I understand there is no technical reason to trust the organization not to provide false certificates; are the actual certificates provided by CACert signed by people in my (GPG, or other) web of trust? That model would work, but I cannot see how it can integrate with the idea of adding CA root certificates to web browsers. In practice the degree of trust I would assign to each server certificate would vary according to how close I am, in WoT terms, to who approved it, making the issuing authority irrelevant. I am probably missing some detail, but such an arrangement sounds similar to my visit card system.


Certificate information

I use the same certificate for HTTPS and email, plus most other non-public services on this server. The current version was generated on August 25 2016, replacing a different certificate I had only used for a couple of weeks, not worth keeping.

You can download my X.509 certificate in PEM format here as ageinghacker-a.pem. Its SHA256 fingerprint is:

869e 670c cad5 560f 1069 c0a8 d37d a790 6fbf ba8a 1f2d 6c12 92ee bda9 a860 44ff

Its SHA1 fingerprint is the following, but you should not use SHA1 as it now appears to be vulnerable to collision attacks:

e00b 1b71 ca98 8051 c0df 132c 5e79 e816 9717 2aeb

This is the information printed by certtool --certificate-info. You should check that it matches what your client says.

X.509 Certificate Information:
	Version: 3
	Serial Number (hex): 00ebef713058d5050b
	Issuer: CN=ageinghacker.net,CN=aginghacker.net,CN=lists.ageinghacker.net,CN=lists.aginghacker.net,CN=mumble.ageinghacker.net,CN=mumble.aginghacker.net,CN=abelson.ageinghacker.net,CN=abelson.aginghacker.net,CN=*.ageinghacker.net,O=Luca Saiu,O=ageinghacker.net,EMAIL=luca@ageinghacker.net
	Validity:
		Not Before: Thu Aug 25 19:43:05 UTC 2016
		Not After: Mon Aug 19 19:43:05 UTC 2041
	Subject: CN=ageinghacker.net,CN=aginghacker.net,CN=lists.ageinghacker.net,CN=lists.aginghacker.net,CN=mumble.ageinghacker.net,CN=mumble.aginghacker.net,CN=abelson.ageinghacker.net,CN=abelson.aginghacker.net,CN=*.ageinghacker.net,O=Luca Saiu,O=ageinghacker.net,EMAIL=luca@ageinghacker.net
	Subject Public Key Algorithm: RSA
	Algorithm Security Level: High (4096 bits)
		Modulus (bits 4096):
			00:ba:17:55:e9:21:96:48:fd:47:15:4d:27:b7:fd:41
			03:ff:7e:24:ae:42:48:46:4c:21:73:2e:c5:58:94:f9
			99:b1:a7:74:8b:11:ef:44:12:b8:71:f8:71:44:4f:41
			a0:bc:d4:f3:c8:23:94:af:4a:ec:dd:48:24:d5:f3:c1
			48:6d:5e:45:99:71:9e:8f:57:1c:7e:ca:eb:c3:91:bf
			17:cb:f3:21:22:1e:a6:87:78:dd:03:53:40:e7:d6:14
			f3:2c:64:96:63:db:3b:b0:de:38:89:a3:04:89:b7:4b
			2f:6d:98:9a:86:bd:cd:f7:ff:e6:a5:72:af:96:24:59
			36:f3:8e:9c:c1:91:48:11:c4:04:91:d6:56:f8:14:9c
			f1:9b:6e:3a:27:90:b7:2f:89:95:26:4b:e7:04:38:70
			85:24:7e:a4:8b:b9:b9:3a:31:e7:d1:68:d5:46:fb:25
			44:3c:54:bd:fc:1d:25:ff:ed:26:6b:f1:b3:44:15:22
			07:30:8e:ea:97:5f:fd:55:a3:f6:b2:de:a2:bd:b4:d6
			f9:c6:af:39:bc:52:1e:21:25:8e:bf:82:65:e5:60:ea
			ab:11:73:8e:54:32:20:0e:5a:cf:b6:ec:2d:0c:87:40
			92:3e:45:eb:db:f8:5f:c0:21:7e:97:c1:46:ed:df:70
			e4:7c:a3:71:7b:c0:5e:ed:40:f7:ff:bc:e9:0a:85:f2
			e9:64:e5:3e:54:16:ad:90:5c:36:25:76:15:5e:49:d6
			d5:24:4c:a5:a9:9a:bb:5d:66:89:cc:d1:d9:cf:e4:ee
			10:7d:74:7b:78:8d:5b:49:d8:c1:97:15:f5:c0:a3:3a
			57:95:70:7f:9f:d1:61:29:99:ac:d1:7c:b0:57:7a:39
			f4:b7:48:66:9a:fb:77:86:7a:9d:ee:5f:a7:de:21:d3
			16:10:53:52:f5:74:87:21:00:85:23:29:92:fc:61:44
			5b:4a:c9:dc:f2:cd:94:20:0f:72:9e:3b:70:e7:99:a1
			fe:20:c2:3e:89:94:3f:85:8c:ed:80:c6:5f:2f:c6:f0
			b8:b9:0a:0f:4c:c3:ee:bc:23:5e:af:44:ae:6a:35:dc
			a7:7b:de:2c:a4:26:fe:39:ce:95:ad:48:76:8c:0b:93
			a1:fa:ec:cf:e7:de:75:fa:90:d7:f0:28:a3:56:2e:79
			5b:96:f4:61:40:a9:cf:20:99:09:26:ee:07:36:9d:dc
			8c:f6:fd:5b:ac:da:bb:5a:21:41:96:32:94:32:21:1d
			63:d4:70:7a:b8:0d:04:4e:a4:ef:ec:dc:a9:a5:59:56
			af:54:00:00:32:45:79:08:9a:2f:6a:b9:66:04:33:1a
			1b
		Exponent (bits 24):
			01:00:01
	Extensions:
		Basic Constraints (not critical):
			Certificate Authority (CA): TRUE
		Subject Alternative Name (not critical):
			DNSname: ageinghacker.net
			DNSname: aginghacker.net
			DNSname: *.ageinghacker.net
			DNSname: *.aginghacker.net
	Signature Algorithm: RSA-SHA256
	Signature:
		46:49:8b:34:ef:5b:19:ad:e2:66:3b:8b:f2:46:55:94
		63:9c:f8:54:37:6e:85:f3:ce:9e:a2:7e:74:02:64:37
		b9:19:b6:55:67:4c:7a:53:82:4e:23:23:24:de:63:bd
		c9:a4:e9:de:a3:e0:fd:ac:a3:37:21:23:bc:e9:0b:60
		27:02:fa:e5:d4:7d:95:3f:87:2e:a8:cc:94:03:68:87
		b5:08:a4:0c:03:b7:e2:17:9e:b6:75:80:70:73:6d:e2
		9d:06:7b:76:00:3e:30:7a:89:c6:69:37:22:4f:53:0f
		eb:a4:67:18:8c:57:bd:e6:b8:83:81:eb:a7:9f:e6:d1
		1a:4d:a9:02:2d:e4:99:ac:99:20:08:3f:0a:c6:de:e0
		40:6f:70:59:cf:f8:de:79:54:0b:40:aa:3a:0e:07:41
		1c:ad:a1:58:a7:17:54:ae:55:51:03:f8:97:44:f6:a4
		d0:96:7d:14:d4:71:6a:9c:7c:a9:15:dd:37:6d:aa:b3
		bd:43:08:82:3d:8d:dc:98:d1:cd:55:65:7c:58:0c:2a
		c9:aa:49:c8:9a:ec:22:80:44:ec:67:ee:11:e7:66:8e
		54:d3:cc:f5:2b:c3:2d:2d:6d:2b:d0:42:a8:9b:5e:d4
		37:2e:8f:74:2e:89:6e:95:33:9c:97:03:40:1d:66:94
		ce:17:7a:cd:8f:8a:7c:4a:9c:19:dc:92:da:5d:44:fb
		3d:2f:70:a9:5a:78:42:39:4b:61:a2:37:f9:9d:3d:dd
		1b:c2:aa:5e:b4:9a:de:ce:9d:7c:d1:f1:18:71:4e:6f
		0c:50:24:17:13:39:9f:e1:32:09:12:e1:4f:a6:19:55
		53:df:1a:00:2f:55:dc:2a:e5:9d:47:7b:66:de:11:c8
		22:08:81:f8:c6:32:d1:ee:41:84:41:22:d0:fa:b8:47
		00:61:fa:d8:1e:c2:73:2e:14:b1:c4:96:88:e0:86:6a
		70:d4:f8:92:1f:e1:0d:1c:f8:95:f0:83:b3:31:0b:60
		a8:a4:ae:9c:a6:9b:e5:e7:66:73:d1:73:27:fb:b2:04
		db:ec:3f:bb:07:b6:e3:1c:12:ef:3e:38:e1:01:ce:36
		71:5c:57:1c:ec:ea:91:ef:d0:a9:e0:92:f9:95:c9:a5
		5b:4e:e6:21:7a:8c:31:e9:a1:8f:c0:3a:47:b7:fb:54
		46:fd:b9:05:96:d4:d7:6d:62:f9:fc:e5:54:53:15:01
		41:87:e2:9e:76:dd:1b:2a:ce:46:a5:fe:49:27:0c:05
		a1:c6:72:2b:96:57:90:9f:11:0c:d7:04:05:2e:50:8b
		1c:fd:0f:4c:06:6d:49:64:ec:df:cd:e9:ee:07:c0:3b
Other Information:
	SHA1 fingerprint:
		e00b1b71ca988051c0df132c5e79e81697172aeb
	SHA256 fingerprint:
		869e670ccad5560f1069c0a8d37da7906fbfba8a1f2d6c1292eebda9a86044ff
	Public Key ID:
		748e4f322e10f17394301fe16a76b3bdc5a2dd37
	Public key's random art:
		+--[ RSA 4096]----+
		|    . o.+o       |
		|     o =..       |
		|    . o = .      |
		|     . = +       |
		|    . + S o      |
		|     + o O .     |
		|      . o + o    |
		|       . o =  E  |
		|        . o .. . |
		+-----------------+
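
An added example, not part of the original page: one way to compare the certificate a server presents with the SHA256 fingerprint published above, without relying on any certification authority. Port 443 and all function names are assumptions of this example.

```python
import hashlib
import hmac
import socket
import ssl

# SHA256 fingerprint copied from this page, in its spaced form.
PINNED_SHA256 = ("869e 670c cad5 560f 1069 c0a8 d37d a790 "
                 "6fbf ba8a 1f2d 6c12 92ee bda9 a860 44ff")

def normalize_fingerprint(text):
    """Drop spaces and colons, lowercase, and insist on a complete digest."""
    digits = "".join(c for c in text.lower() if c not in " :\t\n")
    if len(digits) != 64 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError("not a complete SHA256 fingerprint")
    return digits

def der_fingerprint(der):
    """SHA256 over the DER encoding of the certificate."""
    return hashlib.sha256(der).hexdigest()

def matches_pin(der, pinned=PINNED_SHA256):
    """True only if the whole digest equals the pinned one."""
    return hmac.compare_digest(der_fingerprint(der), normalize_fingerprint(pinned))

def pem_to_der(pem_text):
    """Convert a downloaded PEM file's text to DER before hashing."""
    return ssl.PEM_cert_to_DER_cert(pem_text)

def fetch_der(host, port=443, timeout=10):
    """Fetch the certificate the server presents, with CA validation off.
    Nothing on this connection is trusted until matches_pin() succeeds."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False          # must be disabled before verify_mode
    ctx.verify_mode = ssl.CERT_NONE     # self-signed: the pin is the only check
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)

if __name__ == "__main__":
    der = fetch_der("ageinghacker.net")
    print("fingerprint matches" if matches_pin(der)
          else "MISMATCH: treat this connection as untrusted")
```

The fingerprint to pin should come from an out-of-band source such as the printed card, not from the same connection being checked.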


My ECDSA and RSA server host keys

The RSA and ECDSA server host keys, useful for example to connect over SSH and check against man-in-the-middle attacks, are abelson-rsa-a.pub and abelson-ecdsa-a.pub.

Recent SSH clients use an ECDSA key to identify a host. You can verify the ECDSA key fingerprint with:

ssh-keygen -lf abelson-ecdsa-a.pub

which is supposed to print:

256 SHA256:yY/8catPSSH2Uk9AymUNp975yKucOOsEag266BbE9l8 root@vps43244 (ECDSA)

This is how you can check the RSA key's SHA256 fingerprint:

ssh-keygen -lf abelson-rsa-a.pub

If the public key you downloaded is authentic, the output must be:

2048 SHA256:ArFvprNQNe5plchnAikM16Sgqyz37eIvajzQ0Ll/cyk vps43244.iceservers.net (RSA)

Older SSH clients show the RSA key's MD5 fingerprint, which is also easy to check:

ssh-keygen -lf abelson-rsa-a.pub -E md5

The output should be:

2048 MD5:07:71:43:51:2f:d9:84:1c:f3:c5:d2:98:7b:eb:f9:ec vps43244.iceservers.net (RSA)
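
An added example, not part of the original page: how the SHA256 and MD5 fingerprints printed by ssh-keygen -l are derived from a public key file, with a comparison against an expected output line. The sample key is constructed for illustration and all function names are assumptions of this example.

```python
import base64
import hashlib
import hmac
import struct

def parse_public_key(line):
    """Split an OpenSSH public key line into (type, raw blob, comment)."""
    fields = line.split(None, 2)
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    blob = base64.b64decode(fields[1], validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    # The blob begins with a length-prefixed copy of the key type.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii", "replace") != fields[0]:
        raise ValueError("key type outside and inside the blob disagree")
    return fields[0], blob, fields[2].strip() if len(fields) > 2 else ""

def sha256_fingerprint(blob):
    """Unpadded base64 of the SHA256 digest of the raw key blob."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")

def md5_fingerprint(blob):
    """Colon-separated hex of the MD5 digest, as older clients display it."""
    hexd = hashlib.md5(blob).hexdigest()
    return "MD5:" + ":".join(hexd[i:i + 2] for i in range(0, 32, 2))

def key_matches(pub_line, keygen_line):
    """Compare a key file line with a line of the form printed by ssh-keygen -l."""
    _, blob, _ = parse_public_key(pub_line)
    want = keygen_line.split()[1]       # "<bits> <fingerprint> <comment> (<type>)"
    got = md5_fingerprint(blob) if want.startswith("MD5:") else sha256_fingerprint(blob)
    return hmac.compare_digest(got, want)

# Constructed sample key (not one of the keys published on this page).
_blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(range(32))
SAMPLE_PUB = "ssh-ed25519 " + base64.b64encode(_blob).decode("ascii") + " constructed@example"

if __name__ == "__main__":
    _, blob, _ = parse_public_key(SAMPLE_PUB)
    print(sha256_fingerprint(blob))
    print(md5_fingerprint(blob))
```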

My GPG public keys

For the layperson: you need this key if you want to make sure that I am the actual author of a GPG-signed message you received from somebody claiming to be me, or to send me a GPG-encrypted message which nobody but me can read.

Most of my e-mails sent from computers I trust have been GPG-signed since 2007.


My GPG key A

The 1024-bit GPG keypair I have been using for many years was generated on 2007-03-29, and is set not to expire; still, I will revoke it at some point in the future, probably sometime in 2021, and switch to my GPG key B.

You can find my GPG key A here as gpg-a.asc and, for convenience, on several keyservers as well.
The key fingerprint is:

14DC72EB19F7D2E6C12E113CBF339ABE26C5D286

Nowadays it is better not to use only the last four bytes, to avoid collision attacks. You should always consider a key ID to be an indivisible 20-byte sequence.


My GPG key B

I generated a new 4096-bit keypair in September 2019. I am in the process of switching to it as my only key. You can verify that my keys A and B are signed by each other.

You can find my GPG key B here as gpg-b.asc.

Its fingerprint is:

08C6A9408241E6ED99A0A2767A6B35253722954D

At the time of writing it is only signed by itself and by key A. More signatures will come.

If you receive a message signed or encrypted with my GPG key B, you may see one of the following subkeys:

It is easy to verify that they are in fact subkeys of key B:

gpg --with-subkey-fingerprint --list-keys 08C6A9408241E6ED99A0A2767A6B35253722954D

My lost GPG key from 2003, 0x586648D5, not to be used

Please do not use the old key with ID 0x586648D5, back from 2003. It was indeed mine, but I lost the associated private key in a disk crash years ago, back when I was naïf enough not to keep backups of these important things. Unfortunately there is no way for me to revoke it.


My OpenSSH public keys

For the layperson: you only need these keys if you want to give me shell access to a machine of yours.

I use several different RSA key pairs, depending on which client machine I'm physically on.

By convention RSA public keys are written on single, very long lines; since this notation makes them clumsy to display in inline HTML, I publish each key as a separate text file.

You can check the fingerprint of your copy, interactively, with ssh-keygen -l. The utility will ask you for the pathname.


My OpenSSH RSA public key #1

A 4096-bit key pair. You can find the RSA public key here as ssh-a.
Its fingerprint is

4096 SHA256:Ll2MioFd5FahanPMe92GfaC7lOr+knZc34ErMmjU4Ok luca@optimum (RSA)

My OpenSSH RSA public key #2

A 2048-bit key pair. You can find the RSA public key here as ssh-b.
Its fingerprint is

2048 SHA256:Stv9EwRz86soXbzE/3njfuvqtNzy37bX2wNIwoQl+l0 luca@lucalaptop (RSA)

My OpenSSH RSA public key #3

A 2048-bit key pair. You can find the RSA public key here as ssh-c.
Its fingerprint is

2048 SHA256:dcE6nRF7RHO0JDR/WNweFJdJNTHorMEjG1GTXS7u9nI luca@ritchie (RSA)

My OpenSSH RSA public key #4

A 2048-bit key pair. You can find the RSA public key here as ssh-d.
Its fingerprint is

2048 SHA256:0CYsQgalAnprKHbfUnMEaQWb7WR/5T4vETC9LMXMxss luca@minsky (RSA)

My OpenSSH RSA public key #5 (obsolete)

I no longer use ssh-e.


My OpenSSH RSA public key #6

A 2048-bit key pair. You can find the RSA public key here as ssh-f.
Its fingerprint is

2048 SHA256:YPotJhZoKmHlA2+/Zzx3Pjtu/bk44F/ZOe5FkAzObII luca@moore (RSA)


Luca Saiu
Last modified: 2021-03-06

Copyright © 2007, 2012, 2016, 2019 Luca Saiu
Verbatim copying and redistribution of this entire page are permitted provided this notice is preserved.