Articles here on this blog...

... are all written out of personal interest and express my personal view - not that of my employer.

About Gert van Dijk

With passion for open source software and IT security I am writing some article here every now and then. I'm currently employed by StartMail, and formerly by Tulip Solutions, Fox-IT and Zarafa (now Kopano).

However, as stated above, none on the content on this site is to be related to my employer.

Digital keys and signatures

Boring, I know, but important

Before obtaining and importing any of the security keys here, only access this page over a secure channel (HTTPS) and make sure to validate my website identity using your browser's location bar. The major risk of not validating these is an attacker could be monitoring and tampering your secure communications.

My PGP key

Download my PGP/GnuPG key here: 0xA08C9903

Fingerprint: BB0F CCD1 00FB 082F D67E FBF9 B90E 30CB A08C 9903

Import it to your keyring and verify it as follows:

gpg --import A08C9903.asc
gpg --fingerprint

If we meet in person and if you'll be able to prove your identity to me, I'm happy to sign each other's PGP key.

In case you prefer using, consider tracking me there.

My 'Gert van Dijk Root CA G3'

For some purposes other than this blog, I like to keep certificates to my own PKI. Download the root certificate here (PEM format): Gert_van_Dijk_Root_CA_G3.crt.

My Root CA is ECDSA/P-256 and the private part is stored securely on a smart card. I've published it here in case you run into my Root CA or in case you need it to access and validate any of the services you are accessing.

Fingerprint (SHA256):


Verify with for example in OpenSSL:

openssl x509 -in Gert_van_Dijk_Root_CA_G3.crt -sha256 -fingerprint -noout

Or verify it using my PGP key and the detached signature file in case you have verified my key. Download both the certificate and the detached signature and verify it:

gpg --verify Gert_van_Dijk_Root_CA_G3.crt.sig Gert_van_Dijk_Root_CA_G3.crt

comments powered by Disqus