Almost all of my related social accounts were also renamed:
The net result is that I no longer have to ROGER-FOXTROT-KILO-ROGER-OSCAR-CHARLIE-KILO-TANGO-KILO, anyone who knows my name can easily find my accounts and no one will have to ask who
@rfkrocktk is anymore.
Now I can NOVEMBER-ALPHA-FOXTROT-TANGO-UNIFORM-LIMA-INDIA KILO-ALPHA-YANKEE. Somehow this seems like an improvement to me.
My SSH keys are available here along with signatures from my PGP key above:
The above /ssh/keys, after being verified of course, can be concatenated onto
~/.ssh/authorized_keys to grant me access to your host.
Speaking of verfication, here's how to verify the SSH keys against my PGP identity:
# fetch from keybase curl -s https://keybase.io/naftulikay/pgp_keys.asc | gpg2 --import # or fetch from keyservers gpg2 --keyserver pgp.mit.edu --recv-keys 6D63865D1C6EEB0F92C394A15D21FFA27D8DCC66 # next, get the keys and their signature curl -so keys https://secops.naftuli.wtf/ssh/keys curl -so keys.asc https://secops.naftuli.wtf/ssh/keys.asc # finally, verify gpg2 --verify keys.asc keys
SSH key fingerprints are available here, though they're not very useful to the average person:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 4096 SHA256:buiUcBzctSqErEG+LVtBFZmdc7h7y7eh6tLKS0MvqhE naftulikay:2 (RSA) 4096 SHA256:yZVkam2g2RvdC8F1iMkSfUVJ9VYNe+gnbMdYwa1iBGg naftulikay:1 (RSA) 4096 SHA256:PSyXvUTFXu+myNTBjyrf36DnGQBBMJgICggmrsm+uKs naftulikay:0 (RSA) -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJa7PDMAAoJEIKDWljdEfHR0psP/jCPo4eMUsWAA8SkkhugccGk eWkBMERq2kIci4JqhQn6l7OsSfZ1lzNAus/6lixdITuR5MjfhEMxFQBNuFit+wjZ QEudXDBxv99MY6btylFMzvPgkRaYEzoxD9Wa/P4ngiDSemIYbstK+uoYDn9o91Ji fZm/pNzGvutbwhOEg0jCQqUmjqFmv7QolPxj+bevGO/gRhvvTkDzCmRg+/PMxnzx f2YaIj55vsy4TNM0LNThdi50/lM4yba9VByEVgie9u8YHEdy6TEpzf6AnGaJKpC7 edNICoyhzarOKL3dPa3XBQuhw27R3ikM+agy2HucMSdPqI3pZaUYRBSA3tqja8Fc WIQ5gzx/Qd9YYpKIHERUe56ssvBDcI0o8a4EDaJrdtBJVl8vh2uiNmMySKARwQPp oo/lKJ6wQ6S7RrlEZ4zVVg1T61YvwCDtOMP1bgZn+eTUqWU+NtZ3skCwu0eUZG/G yGtSEbdcE4hVHwiX8tR3dHn3iNjfgCJYQHv8WsQBL+hGBauGolIb5ne0K5PCuPUY mpdFyFXHdoOniDC+97N0am4wV8nV0bf7cGWdfi/BqHDtWU7j6R0oiZZmRjCA21Tr ysFNQb2GAyFyxb1R0Gjmedt0MkF4nrgrZ0ZGEy1IPSRChANnUCY0MVsp8i5wbT2T WWrAAcLb4WHxubl64aYF =/Smp -----END PGP SIGNATURE-----
Unfortunately, Signal has changed the way identities work:
How do I verify the person I'm sending messages to is who they say they are?
Each Signal conversation has a unique set of safety numbers. This replaces the old version of a fingerprint or identity key for just yourself. These safety numbers get stored the first time you exchange a private message with a new contact. You will be warned if a conversation's safety numbers ever change. This can happen if someone else is pretending to be them, or if they get a new phone and reinstall Signal.
In case their documentation changes, here is a screenshot of the text as of 2016-11-13 23:01:54+0000.
While I'm sure this was done with the best intentions, this makes it impossible for anyone to post their global identity online; therefore I cannot simply PGP sign my Signal identity to prove who I am except on a conversation-by-conversation basis. If you would like such verification, please request it.