FIRST uses Pretty Good Privacy (PGP) encryption for cryptographic privacy in communications with members. In order to provide open channels in which the members can also encrypt messages to the FIRST Secretariat, board members and other teams, FIRST publishes public keys on the public and members' only websites:
Private messages can be sent to the FIRST Infrastructure using it's public PGP key:
FIRST Infrastructure Public PGP Key
7735 1149 3722 9A3C 2129 8903 7F8C 6565 13F6 AD57
These keys are available for FIRST members only. FIRST members have access to other members' and teams' public PGP key.
This event has now concluded.
John Kristoff of NETSCOUT ASERT, coordinated an in-person PGP key signings for FIRSTCON22 attendees.
While we welcome CSIRT or other shared team keys, many key signing participants will not sign team keys, only individual keys. For additional information on PGP and the key signing process the following links should help familiarize you:
Please note: Due to various limitations with PGP key servers today, such as their susceptibility to flooding attacks and limited synchronization, we recommend sending signed keys, preferably encrypted, individually and directly to each associated key party attendee after any key signing party verification activity.