|
Welcome 38.103.63.17:44533! This page is to some extent about privacy.
(CCBot/1.0 (+http://www.commoncrawl.org/bot.html))
PGP keys are useful to certify who sent the message or encrypts text that only intended recipients read.
Here is where you store your PGP Public Key for the world to reference. Free. PGP Software is
available from here as well.
As a service to our clients and a public service to the larger internet community, we
operate a cluster of public key certificate servers from Canada. Keyservers are
accessed on port 11371.
From this page you can:
- Learn some OpenPGP Public Key Server Commands
- Extract a Key from the Server
- Submit a Key to the Server
- Enter an ASCII-armored PGP key
- I f you have permission and the address, you can send a key using email.
|
OpenPGP (hkp://) sks.keyserver.ca:11371 <-- hint: use this one
or
keyserver.canadaemails.com:11371 (one of many aliases in a large replicating cluster of servers)
We use ldap pgp, sks and pks systems and welcome inquiries from testers and developers looking for a unique keyserver.
Also if you operate your own server you can contact our 'keymaster' to make peering arrangements. PKS peering (email) arrangements are also welcome.
|
This keyserver is where you can store your PGP public keys using the Web Interface we have provided so that users world-wide can
reference your key.
Speak to the KeyServer via E-mail
Ask the Server for Help
To: supplied address
From: foo@bar.site.edu
Subject: help
Update or add your key
For example, to add your key to the keyserver, or to update your key if it is already there, send a message similar to the following:
To: supplied address
From: foo-bar@foo.site.edu
Subject: add
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP 9.7
mQGiBEeelbIRBAD7gjtEgKWsAo4mP3QH14mhxIlm2pXWVZEgWxcDjMPW0wRcxYot
A21bjbV479LQJYN9SV3qXQl0ePPM/TJ2rduWiUP3tPBUf92K2UJG2yA3XjPHg3Uk
4j5yRLZ3gI8qJkPxy8jKuONV92Hzld9UfTOxTE3dIXbnOc84Qw02YXa1SwCg/9ty
qGt0qqbBU+qnjYZduPswBD8D/RibElqCx0gyHWVa5rTPDTC3RwDV7quBRjDcsj9v
uaty6ObaNa4r5xA0OHKbq/RIw1txS+Zn9Z/eCjRp12i5hKMVyRUjsgsh/6KVYw4/
8EO9NIXeSEmwghTRykwaH9bTItuNavUPCOIILeo+6GBMyH0fu3dqNtr4/Xs1gANS
+89qA/96uPrSwSsDFy7vMmmT3VoQd3DcjyyWcKGSFxLRdKYL/TzhX2PqWcHkXdZQ
jQWbtfI6qaB1GdA0yv9f5lQGuN70TtX2NIvdpyh0J0gudH3O5DQ/4JyrN+jzUMz3
6b+tZu5nubW/Qk5ubgEDit1XuGIAPffacO/NZmLBHEeUcNNob7Qla2V5c2VydmVy
LmRibWEuY2EgPGtleXNlcnZlckBkYmfsemNhPokAXQQQEQIAHQUCR56VsgcLCQgH
AwIKAhkBBRsDAAAABR4BAAAAAAoJEPuhX7Xwv/xbCi0AoMVtJqbHexfe9lVolzSy
TaX33ufCAKDYCvI37G9333o1PdSbL1ymaWxxi7kCDQRHnpWyEAgA9kJXtwh/CBdy
orrWqULzBej5UxE5T7bxbrlLOCDaAadbgxTpj0BV89AHxstDqZSt90xkhkn4DIO9
ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39uK50T8X8dryDxUcwYc58yWb/Ffm7
/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1YTknbzSC0neSRBzZrM2w4DUUdD3yI
sxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdXQ6MdGGzeMyEstSr/POGxKUAY
EY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCbAkbTCD1mpF1Bn5x8vYlLIhkmuqui
XsNV6TILOwACAgf9F9FR0WV4yzI4QJot8CLSBeYsU+o2iRe+YH6UjsIfpvnwNjWZ
v77hRWhP70Uydhx9CI5NnE6Lfgh8r+bbP1sCKVMXzjd6hXyYeqh1T2o+LY3dwbx9
/ok891kU4mtZ2lG3jmXpZ5YFCyoPnRgDWNWWIIYj5XOkiQmwN6hlqPK5bpCOHOvG
yo9qTPwyUzJzsQF50iw1++y0gmUgI4+FHdOlcrgn3zy6PUYrEiPcWgmtHNrN2hkD
De5iyVBEAPvDHbqYZ1s/9L3fHWvfx4ECieqvUsdU/lXhfpiBIr3/FrnfY8fVrMb7
45EEXxVV4h6mJl5K2wn6xGGADJ7n9YF7utxF/IkATAQYEQIADAUCR56VsgUbDAAA
AAAKCRD7oV+18L/8W8m8AKCni2aSfJBGbWJ+XPYNiKCgOfU/vACdHFiaF/YNdS3G
RcdkDVgVuQyF/i4=
=Ogs+
-----END PGP PUBLIC KEY BLOCK-----
Revoking Compromised Keys:
Create a Key Revocation Certificate (read the PGP docs on how to do that) and mail your key to the server once again, with the ADD command.
Valid commands:
Command - Result
| HELP |
help :o) |
| HELP language - |
Regionalized help text (DE, EN, ES, FI, FR, HR, NO) |
| ADD - |
Add PGP public key from the body of your message |
| INDEX userid - |
List all PGP keys containing the words in userid |
| VERBOSE INDEX userid - |
Verbose list of all keys containing userid |
| GET userid - |
Get the key(s) matching userid |
| LAST days - |
Get the keys updated in the last
'days' days |
This KeyServer is provided as a free service
It is available to any user or group of users. It is the responsibility of users of public-key
cryptography to ensure that their activities conform to legal requirements in the jurisdiction of
their activities.
PGP can certify and even encrypts your mail or other content so that a recipient can tell if it
has been tampered with or in the case of encryption, nobody but the intended person can read
it.
When encrypted, the message looks like a garble. PGP has proven itself quite capable of
resisting even the most sophisticated forms of analysis aimed at reading the encrypted
content.
PGP can also be used to apply a digital signature to a message without encrypting it. This
is normally used in public postings where you don't want to hide what you are saying, but rather
want to allow others to confirm that the message actually came from you. Once a digital signature
is created, it is impossible for anyone to modify either the message or the signature without the
modification being detected by PGP.
To facilitate broad use of our PGP / PKI keyserver resource you need only provide
recipients with the authentication address for your key
((hkp://) dbma.keyserver.ca:11371) Please
include a link on your web page to this keyserver so that your members / visitors can easily read
instructions for configuring their PGP software. Normal uptime is 99.99%. Keyserver maintenance
intervals are now monthly between the hours of 10:00-12:00 UTC on the last business day of the
month.
This keyserver provides Web-Based HTTP key services.
Confidentiality via Encryption
OpenPGP uses two encryption methods to provide confidentiality: symmetric-key
encryption and public key encryption. With public-key encryption, the object is
encrypted using a symmetric encryption algorithm. Each symmetric key is used
only once. A new "session key" is generated as a random number for
each message. Since it is used only once, the session key is bound to the
message and transmitted with it. To protect the key, it is encrypted with the
receiver's public key. The sequence is as follows:
1. The sender creates a message.
2. The sending OpenPGP generates a random number to be used as a
session key for this message only.
3. The session key is encrypted using each recipient's public key.
These "encrypted session keys" start the message.
4. The sending OpenPGP encrypts the message using the session key,
which forms the remainder of the message. Note that the message
is also usually compressed.
5. The receiving OpenPGP decrypts the session key using the
recipient's private key.
6. The receiving OpenPGP decrypts the message using the session key.
If the message was compressed, it will be decompressed.
With symmetric-key encryption, an object may be encrypted with a
symmetric key derived from a pass phrase (or other shared secret), or
a two-stage mechanism similar to the public-key method described
above in which a session key is itself encrypted with a symmetric
algorithm keyed from a shared secret.
Both digital signature and confidentiality services may be applied to
the same message. First, a signature is generated for the message and
attached to the message. Then, the message plus signature is
encrypted using a symmetric session key. Finally, the session key is
encrypted using public-key encryption and prefixed to the encrypted
block.
Authentication via Digital signature
The digital signature uses a hash code or message digest algorithm,
and a public-key signature algorithm. The sequence is as follows:
1. The sender creates a message.
2. The sending software generates a hash code of the message.
3. The sending software generates a signature from the hash code
using the sender's private key.
4. The binary signature is attached to the message.
5. The receiving software keeps a copy of the message signature.
6. The receiving software generates a new hash code for the
received message and verifies it using the message's signature.
If the verification is successful, the message is accepted as
authentic.
|
