avatar
H3arn
I don't care much about this,
pretending we're back where we started.

如不能倖免,以下則是遺言。

我見過芳草地,見過花,見過白日漏下的光斑和月亮,流過滾燙的淚,嘔過心頭的血。

我的痛苦與歡欣都是真的、鮮活的,我不後悔。

source

About This Site

Mainly for recording my own cyber surf.

Highly customized, very trivial, just for myself and those running into similar situations. Hope it’d be helpful.

This blog is now hosted on Cloudflare Pages, with a hot backup on Netlify.

Some icon resources are from Alicdn.

本站亦有 中文版本

About Me

Hi, there. This is H3arn,

one ordinary man,

who believes in openness but somehow traditional.

Trivial. Old-fashioned. Foolish. Stubborn. Jealous.

Interested in STEAM. Computers and Networking, especially.

Want to be a literary girl, more than anything.

PGP

This key will expire on 2024-07-15.

If the key was not renewed and no new key was released by that time, I would probably be imprisoned or even dead then.

You can get it here, from the key pool of openpgp.org

or from GitHub

I once shared an article about PGP uid collision, which since then inspired a lot of people to exploit their computers for calculating a cool PGP uid. But this also brings a higher risk of MITM attack. I deeply apologize for that.

Considering the current capability of common brute force solutions, it’s no longer a reliable method using 16-char hex uid to verify the identity.

Thus, the fingerprints and the date of all the subkeys have to be verified.

(The timestamp should be around 2021-09-07 02:20 UTC, when the hex unix timestamp should start with 61 36 cc. BTW the key was signed again at 2021-12-24 17:22 UTC.)

first of all, verify the fingerprint of the key for certification.

$ gpg --show-keys --fingerprint h3arn.gpg

A output like this is expected

pub   ed25519 2021-09-07 [C]
      3648 64A3 A1AF 4174 D9BD  E7C6 6076 CBBA 23E9 8A57
uid                      H3arn (Hearn's PGP key v2.0) <root@h3a.moe>
sub   ed25519 2021-09-07 [S]
sub   cv25519 2021-09-07 [E]
sub   ed25519 2021-09-07 [A]

If correct, import the key. then verify the subkeys.

gpg --fingerprint --with-subkey-fingerprints root@h3a.moe

A output like this is expected, all four fingerprints must match the result below.

pub   ed25519 2021-09-07 [C] [expires: 2024-07-15]
      3648 64A3 A1AF 4174 D9BD  E7C6 6076 CBBA 23E9 8A57
uid           [ultimate] H3arn (Hearn's PGP key v2.0) <root@h3a.moe>
sub   ed25519 2021-09-07 [S] [expires: 2024-07-15]
      B71D A984 8E17 C6E7 72A3  C3C4 FD11 06C9 445D 42D0
sub   cv25519 2021-09-07 [E] [expires: 2024-07-15]
      1EA5 4FFF 224C 5519 A0F8  130E 04FA DDFF 8143 BEAE
sub   ed25519 2021-09-07 [A] [expires: 2024-07-15]
      6B72 542F 15EE BE1A D86F  B2E5 44F2 450F 50BF E621

Check it and set trust level.