Richard Clayton's PGP keys and policies

Summary

Use the key 0x211187E2 with PGP v5 (v6, v7, v8...)

If you must encrypt using PGP v2.x.x then use 0xDCABB485

My long-term signing key is 0x7CF07A65, but please do not use this key for encrypting any traffic.


Email addresses

I have a number of working email addresses. My ancient Demon Internet account gives me richard AT happyday.demon.co.uk -- and I expect to keep this for some time. Other addresses that I have used, and that all still work are:

richard.clayton AT cl.cam.ac.ukCambridge Computer Labfor academic use
rnc1 AT cl.cam.ac.ukCambridge Computer Labmore (or less) memorable
richard AT highwayman.comHighwayman Associatesfor any (and all other) purposes

The following addresses still work, but should be avoided in future:

richard AT locomotive.comLocomotive Software
richard AT turnpike.comTurnpike Software

These addresses, once associated with keys, no longer work:

richard AT demon.netDemon Internet
richard AT thus.netThus plc

Keys

In the beginning (1 JAN 1997) I had two RSA (v2.6.x) PGP keys:

0x7CF07A65RSA 1024 bitsrichard AT happyday.demon.co.uk
0xDCABB485RSA 1024 bitsrichard AT turnpike.com

being ancient v2.6.x keys they never expire. They are cross-signed to show their equivalence. The first of these can be viewed as my long term identity since its main use these days is for signing other more transient keys.

If you are still using PGP v2.x.x then please use the 0xDCABB485 key for encrypted traffic -- since a signing key should not be used for secrecy!

Since 1999 I have been using 2048/1024 DH/DSS keys (for use with PGP5 and PGP6). My habit has been to change key on a reasonably regular basis, and to sign the new key with the key that was about to expire (so you can see a thread of trust running through all of these). They are also all signed by 0x7CF07A65 -- my long term identity key.

0xE02B06F9 Jan 99 -- Dec 99 richard AT happyday.demon.co.uk
0x8B63D0DD Jan 99 -- Dec 99 richard AT turnpike.com
richard AT demon.net
0x5DCA8481 Jan 00 -- May 00 richard AT happyday.demon.co.uk
0x914404C6 Jan 00 -- Jun 00 richard AT demon.net
richard AT turnpike.com
0x21817156 Jul 00 -- Dec 00 richard AT demon.net
richard AT turnpike.com
richard AT thus.net
0x7F7DE44B Jan 01 -- Dec 04 richard AT demon.net
richard AT turnpike.com
richard AT thus.net
richard.clayton AT cl.cam.ac.uk
rnc1 AT cl.cam.ac.uk
0xD8D683E2 Jan 05 -- Dec 10

NB: not expired, but
but by policy no more
subkeys will be created.
richard AT highwayman.com
richard AT happyday.demon.co.uk
richard AT demon.net
richard AT thus.net
richard.clayton AT cl.cam.ac.uk
rnc1 AT cl.cam.ac.uk

My current key (which is the one I use for day-to-day signing and from which you should use the sub-keys for day-to-day encryption) is:

0x211187E2 DH/DSS 2048/1024 bits richard AT highwayman.com
richard AT happyday.demon.co.uk
richard.clayton AT cl.cam.ac.uk
rnc1 AT cl.cam.ac.uk

it will expire on 1 January 2016. It will acquire confidentiality sub-keys as needed. Currently sub-keys are available for use up to 31st December 2014.


The Regulation of Investigatory Powers Act

I am subject to United Kingdom laws. Under the RIP Act 2000 it is possible for law enforcement (and other bodies) to request that encrypted material sent to me is put into an intelligible form. This part of the Act came into force in October 2007. If I wished to comply with such a request I would do this by providing them with the session key for a particular message -- thereby preserving the confidentiality of all other messages sent to me. However, in some circumstances it will be lawful for my private key to be requested and, in even more exotic circumstances, for it to be an offence for me to tell people that my key has been seized. At the time of writing, late December 2013, you will be pleased to know that no notices of any kind have been served on me.