Tails 开发者维护着几份 OpenPGP 密钥对。

请确保要验证你下载的密钥,因为在密钥服务器上有很多假的或是恶意篡改的 Tails 密钥。

For example, if you first authenticate the Tails signing key through the OpenPGP Web of Trust, then you can verify our others keys as they are all certified by the Tails signing key.

Private mailing list key

Purpose

加密

This key has an encryption subkey. Please use it to send encrypted emails to our contact address: info@tails.net.

Policy

密钥本身和它的密码存储在运行了我们的加密邮件列表软件的服务器上,以及由我们核心开发者管理的系统上。

Key details

pub   rsa4096 2024-04-30 [SC]
      BDDC755D6B2D9FA09F0B92278C1487D924461904
uid           [ unknown] info@tails.net <info@tails.net>
uid           [ unknown] info@tails.net <info-request@tails.net>
uid           [ unknown] info@tails.net <info-owner@tails.net>
sub   rsa4096 2024-04-30 [E]

How to get the public key?

有这样几种途径获取 OpenPGP 公钥:

Signing key

Purpose

这个密钥只能用来签名和认证:它没有加密子密钥。

它的唯一目的就是:

  • To sign Tails released images

  • To certify other cryptographic public keys needed for Tails development

Policy

密钥是永远不会放在某个在线的服务器上,或非 Tails核心开发者管理的系统上。

主密钥

  • Is not owned in a usable format by any single individual. It is split cryptographically using gfshare.

  • Is only used offline, in an air-gapped Tails only communicating with the outside world through:

    • Plugging the Tails flash media in another operating system to install Tails in the first place.

    • Plugging other removable media in the air-gapped Tails to send the public key, secret key stubs, parts of the secret master key, and so on to the outside world.

    • Plugging other removable media in the air-gapped Tails to receive Debian packages, public keys, and so on from the outside world.

  • Expires in less than one year. We will extend its validity as many times as we find reasonable.

  • Has a revocation certificate split amongst different people. See the details of the mechanism.

对子密钥签名

  • 把(子密钥)放在使用者的 OpenPGP 智能卡上。这种智能卡保证了所有加解密操作都在卡内进行,加密材料不会出现在插入了这个卡的操作系统上。

  • Expiration date: same as the primary key.

Key details

pub   rsa4096/0xDBB802B258ACD84F 2015-01-18 [C] [expires: 2025-01-25]
      Key fingerprint = A490 D0F4 D311 A415 3E2B  B7CA DBB8 02B2 58AC D84F
uid                   [  full  ] Tails developers (offline long-term identity key) <tails@boum.org>
uid                   [  full  ] Tails developers <tails@boum.org>
sub   rsa4096/0xD21DAD38AF281C0B 2017-08-28 [S] [expires: 2025-01-25]
sub   ed25519/0x90B2B4BD7AED235F 2017-08-28 [S] [expires: 2025-01-25]
sub   rsa4096/0x7BFBD2B902EE13D0 2021-10-14 [S] [expires: 2025-01-25]
sub   rsa4096/0xE5DBA2E186D5BAFC 2023-10-03 [S] [expires: 2025-01-25]

How to get the public key?

To get this OpenPGP public key, download it from this website: tails-signing.key.

如果你已经有了 Tails 签名密钥但又下载了一次,它会更新现存的密钥签名的列表。

User support key

Purpose

加密

Policy

密钥本身和它的密码存储在运行了我们的加密邮件列表软件的服务器上,以及由我们核心开发者管理的系统上。

Key details

pub   rsa4096 2013-07-24 [SC] [expires: 2024-01-06]
      1F56 EDD3 0741 0480 35DA  C1C5 EC57 B56E F0C4 3132
uid           [  full  ] Tails bug squad <tails-bugs@boum.org>
uid           [  full  ] Tails private user support <tails-support-private@boum.org>
uid           [  full  ] Tails bug squad (schleuder list) <tails-bugs-owner@boum.org>
uid           [  full  ] Tails bug squad (schleuder list) <tails-bugs-request@boum.org>
sub   rsa4096 2013-07-24 [E] [expires: 2024-01-06]
      0012 C228 1573 FE8D 1C24  E350 9D6D 6472 AFC1 AD77

How to get the public key?

有这样几种途径获取 OpenPGP 公钥:

  • Download it from this website: tails-bugs.key.

  • Fetch it from your favourite key server.

Press team key

Purpose

加密

Key details

pub   rsa4096 2024-04-30 [SC]
      C54B2D6C229607035EECE4D83114691BD78DF1ED
uid           [ unknown] press@tails.net <press@tails.net>
uid           [ unknown] press@tails.net <press-request@tails.net>
uid           [ unknown] press@tails.net <press-owner@tails.net>
sub   rsa4096 2024-04-30 [E]

How to get the public key?

有这样几种途径获取 OpenPGP 公钥:

Board key

Purpose

加密

  • Use this key to encrypt private emails sent to the Board.

Key details

pub   rsa4096 2024-04-30 [SC]
      2DC4FED9D88C30D95A92675788E24FE2064F1511
uid           [ unknown] board@tails.net <board@tails.net>
uid           [ unknown] board@tails.net <board-request@tails.net>
uid           [ unknown] board@tails.net <board-owner@tails.net>
sub   rsa4096 2024-04-30 [E]

How to get the public key?

有这样几种途径获取 OpenPGP 公钥:

Accounting team key

Purpose

加密

Key details

pub   rsa4096 2024-04-30 [SC]
      EC58494A6333D0384DD5744DA38F0F6E9A0A234E
uid           [ unknown] accounting@tails.net <accounting@tails.net>
uid           [ unknown] accounting@tails.net <accounting-request@tails.net>
uid           [ unknown] accounting@tails.net <accounting-owner@tails.net>
sub   rsa4096 2024-04-30 [E]

How to get the public key?

有这样几种途径获取 OpenPGP 公钥:

Fundraising team key

Purpose

加密

Key details

pub   rsa4096 2024-04-30 [SC]
      DA1C7908D1C0DC9EAA5915BC3A5B5685A641297B
uid           [ unknown] fundraising@tails.net <fundraising@tails.net>
uid           [ unknown] fundraising@tails.net <fundraising-request@tails.net>
uid           [ unknown] fundraising@tails.net <fundraising-owner@tails.net>
sub   rsa4096 2024-04-30 [E]

How to get the public key?

有这样几种途径获取 OpenPGP 公钥:

Foundations team key

Purpose

加密

Key details

pub   rsa4096 2024-04-30 [SC]
      621609457A166C993245FFCA5F6B02630DDDE331
uid           [ unknown] foundations@tails.net <foundations@tails.net>
uid           [ unknown] foundations@tails.net <foundations-request@tails.net>
uid           [ unknown] foundations@tails.net <foundations-owner@tails.net>
sub   rsa4096 2024-04-30 [E]

How to get the public key?

有这样几种途径获取 OpenPGP 公钥:

Sysadmins team key

Purpose

加密

Key details

pub   rsa4096 2024-04-26 [SC]
      0082D4D63B722D1FA27518A5C8F12D2B1AE1CB26
uid           [ unknown] sysadmins@tails.net <sysadmins@tails.net>
uid           [ unknown] sysadmins@tails.net <sysadmins-request@tails.net>
uid           [ unknown] sysadmins@tails.net <sysadmins-owner@tails.net>
sub   rsa4096 2024-04-26 [E]

How to get the public key?

有这样几种途径获取 OpenPGP 公钥:

Translation platform admins team key

Purpose

加密

Key details

pub   rsa4096 2024-04-30 [SC]
      EFECA896F429B066B83E0266B702FE73C485A41D
uid           [ unknown] weblate@tails.net <weblate@tails.net>
uid           [ unknown] weblate@tails.net <weblate-request@tails.net>
uid           [ unknown] weblate@tails.net <weblate-owner@tails.net>
sub   rsa4096 2024-04-30 [E]

How to get the public key?

有这样几种途径获取 OpenPGP 公钥: