Cryptographic keys

The following public key data corresponds to private keys I control. The following is subject to my key signing policy.

Verifying an X.509 (S/MIME) signature

Download the binary form of the key you wish to verify, plus the signature you wish to verify it against. Then, run openssl to run this verification command:

openssl smime -verify -inform PEM -in signature -content binary-key -out /dev/null

Verifying a PGP signature

Download the binary form of the key you wish to verify, plus the signature you wish to verify it against. Then, run gpg to run this verification command:

gpg --verify signature binary-key

Is this X.509 certificate the same one I imported?

If you're not sure that the key you've imported into your browser or mail client is the same as the one you verified, compare the SHA-1 and MD5 fingerprints of the certificate against the SHA-1 and MD5 digest of the DER-formatted certificate.

Why are only the binary versions signed?

Base64-formatted messages, like ASCII-armored PGP and PEM-formatted S/MIME messages, are a very flexible, non-canonical form of the data which provides some potential for collision-based attacks on the signature. The canonical forms used here, as described in my key signing policy, are somewhat less susceptible to such an attack.

The DER forms of the certificates can also demonstrate a correlation between a signature and a certificate imported into your mail client or browser; simply check the SHA-1 or MD5 fingerprint of the certificate against the SHA-1 or MD5 digest of the DER certificate.