FIRST uses Pretty Good Privacy (PGP) encryption for cryptographic privacy in communications with members. In order to provide open channels in which the members can also encrypt messages to the FIRST Secretariat, board members and other teams, FIRST publishes public keys on the public and members' only websites:
7735 1149 3722 9A3C 2129 8903 7F8C 6565 13F6 AD57
These keys are available for FIRST members only. FIRST members have access to other members' and teams' public PGP key.
Shin Adachi will be coordinating the in-person PGP key signings for FIRSTCON23 attendees.
If you wish to participate, please upload your PGP key(s) and don't forget to bring a government issued photo ID to the keysigning.
Key signing dates/times at FIRSTCON23:
FIRST members planning to join the PGP keysigning party are highly encouraged to upload your public key into their FIRST profile before the party.
While we welcome CSIRT or other shared team keys, many key signing participants will not sign team keys, only individual keys. For additional information on PGP and the key signing process the following links should help familiarize you:
Please note: Due to various limitations with PGP key servers today, such as their susceptibility to flooding attacks and limited synchronization, we recommend sending signed keys, preferably encrypted, individually and directly to each associated key party attendee after any key signing party verification activity.