Cryptographic verification for posterity
Not your typical Substack post.
I was doing my annual PGP key expiration update (happens some time in January every year, unless I die), and I thought I’d write up a post here enumerating my digital identity items.
I’ve always been an earnest pragmatist when it comes to anonymity on the Web. I never post non-publicly on Facebook, and my posts are always very clean and strong from an interactivity value standpoint. Since life is more boring than social media would make it appear, I don’t post often. For the most part, this is how I approach the Web.
Many people misunderstand that the fundamental bulwark of cryptography is usually retrospective and forensic: we don’t keep signatures of things because it matters today, but because it may matter tremendously later on. Put in that better light, it becomes clear that most of the work to be done with digital paper trails is acceptably imperfect.
The fundamental object of cryptography then is not some ethereal ghost in the shell, my identity fully diffused and melted into some idealised hallucination of my own self-concept. The fundamental object is actually my work. For me specifically, that means my code, which I always sign with my keys, and my writing, which you are reading on Substack now.
Given the corpus of writing and payments integration at hand here, I think it would be beyond a reasonable doubt to tell you that I am who I say I am in writing this, for whatever it would truly be worth. That is why I want to place my keys here, and account for the short list of potential oddities in the record.
The conventional suffix of my public key, the full fingerprint of which is
B6D3167731BCBAF4133EE2B01AA23F9F62DA62E1. I originally created this key in August of 2021 with an expiration date at the end of January, 2022, however I let it expire and only renewed it in June. I have an annual habit of updating it in early January of each year following.
The email list is various, and you’ll have to take my word that they all belong to me. The work addresses (
@unai) once did, but no longer do. GitHub shows that they were all verified:
Again, you’ll have to take my word on the screenshots being real. Unfortunately, centralised data lakes like GitHub have no interest in providing independent verifiability of user data to the general public, and all of the startups that tried to provide this service (e.g. Keybase) either turned gay or died. Such is life.
You can subscribble to my Stubstack by clicking this big orange button. I’m mostly putting it here because the editor will bitch at me if I have none, but also, I like money. Really though, I appreciate every dime I get. You didn’t have to.