jbash: Identity and authentication

Greetings. I am jbash.

The page you're reading is http://jbash.velvet.com, and is meant to identify me to you, and to help you to be sure you're really dealing with me.

Essentials

Everybody calls me just "jbash" (one word, pronounced "jaybash"). My more conventional name is John Robert Bashinski.

Others among the 8 billion people on this planet use the name "jbash" or very similar names. They are not me and I don't know them.

Email and PGP

Be suspicious of any unusual or sensitive mail from me that isn't PGP-signed. I do occasionally send unsigned messages from my phone. I also sometimes leave messages unsigned if I think some broken filter may drop them because of the signatures.

Chat ("Instant Messaging")

Be suspicious of any unusual or sensitive IM that claims to come from me and doesn't use cryptographic authentication.

Domain names

Social networks, etc

I don't use these accounts much and rarely check most of them. I prefer to be contacted through my own velvet.com or jbash.com services

Cryptocurrency

Feel the need to send me money? Alway happy to oblige! You might want to let me know you've sent it, though. I don't watch these wallets for activity, and I have this odd feeling that there'll never be any. :-) Grin coming soon (if I feel like it...).

Affiliations

As of 2018-12-14, I have no affiliations. When I do have affiliations...

Nothing I say or do should be treated as being in my official capacity at any of my affiliated organizations, unless either it's sent from that organization's domain, or it explicitly states that I'm acting in my official capacity. I won't do the latter without doing the former unless I have an obvious good reason.

If you want to communicate with me in my official capacity at an affiliated organization, please use the contact information associated with that organization.

Former Affiliations

Cryptographic data

This file

The directory at https://jbash.velvet.com/indexsigs contains detached OpenPGP signatures for the file containing the HTML text of this Web page. There are signatures made with several of my past and present keys.

This file itself is at https://jbash.velvet.com . The server should sign its traffic, including this file, with a key certified by the CA key included below.

OpenPGP

I use or have used the following PGP keys:

Type Fingerprint Comment
RSA/4096 07D7 44A7 EFA8 F420 3405 17BE 8F93 F169 37EA 58BD Used for personal business after 2013-01-06 (with velvet.com and jbash.com email addresses). Use this key.
RSA/4096 D274 B620 D920 CCE6 E99C FAAA B6A8 618F C360 E351 Used for Cisco business after 2013-01-06 (with cisco.com email address). This key signs the personal one, and itself has more signatures than the personal one. I am no longer affiliated with Cisco.
DSA/1024 EDEB 56E6 2B18 AE11 177F FE92 76AF B635 BD26 37C5 Used for Canadian Polyamory Advocacy Association business after 2010-04-17. I am no longer affiliated with the CPAA.
DSA/1024 1111 70DF 6D0C 6A44 70D8 646A F8AE 45B4 A753 D462 Personal business 2003-11-01 through 2013-01-06.
DSA/1024 527C 07F7 CE44 C04A 7160 487B 4176 2225 F77F 25B6 Cisco business 2003-11-01 through 2013-01-06.
DSA/1024 44A5 3DA9 07D3 2DFF 4FF7 778E 6158 16C5 3ACE 55FE Used 1997-08-11 through 2003-11-01 together with 270076FD.
RSA/1024 D8 24 C9 85 77 31 31 C4 1F A8 03 DE 93 15 69 F0 Generated 1994. Many old signatures.

All of my PGP keys are on the public keyservers.

DNSSEC

All of my domains are signed with DNSSEC.

X.509 CA

Most or all certificates for services I operate are signed by my own KDJF.NET CA rather than by the public CAs. I may someday switch to Let's Encrypt for some or all public-facing services.

KDJF.net root certificate:

openssl x509 -text -fingerprint -sha512 < CA.crt 
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2906756539 (0xad4195bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: O = KDJF.NET, CN = Certificate Authority
        Validity
            Not Before: Apr 17 15:06:12 2018 GMT
            Not After : Apr 17 15:06:12 2028 GMT
        Subject: O = KDJF.NET, CN = KDJF.NET IPA online CA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ea:7c:d0:c5:39:33:ad:70:6e:ec:0f:92:18:86:
                    29:1c:38:ad:b8:8a:9d:58:6e:ca:30:cf:50:10:f9:
                    43:70:12:bc:1b:35:24:c3:d9:aa:fb:bf:cb:60:f2:
                    a5:29:44:12:62:6c:aa:f6:a0:51:66:8e:ac:aa:e6:
                    c1:12:53:b4:38:8a:a3:83:e3:00:09:46:fa:9b:f3:
                    16:50:54:93:c9:87:ca:f0:e4:b4:f1:6e:c8:35:04:
                    ab:cb:ef:a7:6f:2e:e2:bc:40:75:f0:44:18:b6:81:
                    11:5e:16:26:46:d4:a9:68:2e:72:88:74:6a:78:2b:
                    c3:35:c2:f7:3a:3a:d8:f9:cb:ec:f7:9b:df:f3:34:
                    e2:d1:4e:8f:f2:91:78:b8:50:08:ee:d2:e7:fa:88:
                    0f:33:e3:96:b8:8a:33:dc:b1:ca:32:7a:e7:48:c3:
                    09:31:cf:39:25:e9:3b:19:91:3c:ae:43:53:71:20:
                    26:3f:6e:12:06:58:1f:ae:93:88:46:bb:e4:7a:5b:
                    a9:0e:ed:85:73:56:9a:3a:e0:ba:9f:6f:30:98:68:
                    8e:69:18:de:3f:e4:e2:ba:1a:11:a1:73:7f:2a:e3:
                    d6:e5:7b:6c:89:87:2c:b6:1d:a0:12:ef:08:9f:00:
                    f8:b1:9d:6f:4d:ed:1b:5a:72:2c:60:9e:83:95:ac:
                    30:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Non Repudiation, Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            Authority Information Access: 
                OCSP - URI:http://ipa-0.kdjf.net:80/root-ca/ocsp

            X509v3 Subject Key Identifier: 
                38:38:35:37:36:30:35:39:63:64:32:30:33:66:33:36:39:39:62:65:37:61:65:37:66:39:34:39:64:66:62:37:63:33:35:35:63:33:32:39
    Signature Algorithm: sha256WithRSAEncryption
         3a:e9:0f:d3:cb:33:53:b0:ff:54:ba:e6:fd:75:11:63:53:87:
         72:e3:b1:63:0d:b8:3c:a6:2a:4d:77:05:6a:9f:8b:57:60:ed:
         39:db:be:78:6c:5f:1d:8a:e4:33:db:03:0c:29:2a:df:e0:b8:
         4b:4c:4a:24:72:be:b3:0b:37:bb:75:ff:ed:38:cd:cd:51:af:
         35:e3:72:71:45:51:62:01:46:00:d1:52:be:0b:5e:6f:82:eb:
         e5:88:2d:69:f3:e7:64:74:f0:f1:1f:4b:9f:48:04:35:48:3d:
         72:8d:23:d3:7f:b7:c7:55:53:ef:37:39:ed:8a:9d:cd:ae:95:
         88:e4:0f:03:1e:a1:70:ce:af:bf:97:6f:f3:78:f7:65:7a:8e:
         4a:2e:a8:22:e3:08:61:fb:ee:c5:08:6e:9c:17:dd:d5:2d:3f:
         93:07:53:58:bd:1a:69:e0:86:d1:9b:a6:e0:97:48:43:6f:1c:
         d6:a4:f8:bf:e8:87:9f:7c:45:64:dd:2b:81:cc:09:0b:99:ba:
         60:da:f7:1d:74:6b:3f:86:e1:92:fc:f0:b7:cb:14:75:81:d8:
         fe:b7:f3:21:17:68:d3:1b:de:f1:69:9a:2b:01:a9:15:27:0c:
         d8:da:ea:88:e2:d7:46:d0:5a:24:47:ba:0d:dc:e4:71:3c:9a:
         02:79:2c:7f
SHA512 Fingerprint=19:A6:49:D7:97:12:6D:0D:01:FB:C7:8E:AE:2B:2E:00:56:79:4A:BD:5E:F8:FA:FE:98:23:1A:42:6E:F0:F8:E5:C6:E0:18:06:1E:A7:E2:9E:0F:45:C8:03:58:01:43:F6:2E:ED:5F:25:2B:5D:95:F1:37:4D:56:0B:D0:5D:5A:65
-----BEGIN CERTIFICATE-----
MIIDgTCCAmmgAwIBAgIFAK1BlbswDQYJKoZIhvcNAQELBQAwMzERMA8GA1UEChMI
S0RKRi5ORVQxHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xODA0
MTcxNTA2MTJaFw0yODA0MTcxNTA2MTJaMDQxETAPBgNVBAoTCEtESkYuTkVUMR8w
HQYDVQQDExZLREpGLk5FVCBJUEEgb25saW5lIENBMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA6nzQxTkzrXBu7A+SGIYpHDituIqdWG7KMM9QEPlDcBK8
GzUkw9mq+7/LYPKlKUQSYmyq9qBRZo6squbBElO0OIqjg+MACUb6m/MWUFSTyYfK
8OS08W7INQSry++nby7ivEB18EQYtoERXhYmRtSpaC5yiHRqeCvDNcL3OjrY+cvs
95vf8zTi0U6P8pF4uFAI7tLn+ogPM+OWuIoz3LHKMnrnSMMJMc85Jek7GZE8rkNT
cSAmP24SBlgfrpOIRrvkelupDu2Fc1aaOuC6n28wmGiOaRjeP+TiuhoRoXN/KuPW
5XtsiYcsth2gEu8InwD4sZ1vTe0bWnIsYJ6Dlaww4wIDAQABo4GaMIGXMA4GA1Ud
DwEB/wQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MEEGCCsGAQUFBwEBBDUwMzAxBggr
BgEFBQcwAYYlaHR0cDovL2lwYS0wLmtkamYubmV0OjgwL3Jvb3QtY2Evb2NzcDAx
BgNVHQ4EKgQoODg1NzYwNTljZDIwM2YzNjk5YmU3YWU3Zjk0OWRmYjdjMzU1YzMy
OTANBgkqhkiG9w0BAQsFAAOCAQEAOukP08szU7D/VLrm/XURY1OHcuOxYw24PKYq
TXcFap+LV2DtOdu+eGxfHYrkM9sDDCkq3+C4S0xKJHK+sws3u3X/7TjNzVGvNeNy
cUVRYgFGANFSvgteb4Lr5YgtafPnZHTw8R9Ln0gENUg9co0j03+3x1VT7zc57Yqd
za6ViOQPAx6hcM6vv5dv83j3ZXqOSi6oIuMIYfvuxQhunBfd1S0/kwdTWL0aaeCG
0Zum4JdIQ28c1qT4v+iHn3xFZN0rgcwJC5m6YNr3HXRrP4bhkvzwt8sUdYHY/rfz
IRdo0xve8WmaKwGpFScM2NrqiOLXRtBaJEe6DdzkcTyaAnksfw==
-----END CERTIFICATE-----