-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Sat Jul 19 02:03:40 AM EDT 2025

CEH v12 | (ISC)² | Linux+ | Cisco CCNA | Security+ | PenTest+

Owner: My blog - https://itsnothing.net.
Admin: The Hitchhiker's Guide to Online Anonymity - https://anonymousplanet.org

Latest bitcoin block hash:
00000000000000000000b685887fe078cc9839294a91f8d38a3311864fc15418

I positively confirm I am in complete control of all my key material and domains. 

All previous keys have been revoked as part of standard OPSEC key rotation
procedures. Do NOT encrypt communications to my old keys, I will not read them.

The key currently published on 
https://keyoxide.org/8B3A74890536BAD50D9376EBF1CB32F67E3302A1 with a fingerprint
of 8B3A74890536BAD50D9376EBF1CB32F67E3302A1, is my only PGP key for public
communication. It IS published on public keyservers now. Please refrain from uploading it there
(again). Someone already broke this rule.

Permanent record of old and new PGP keys:

pub   ed25519/0xF1CB32F67E3302A1 2024-03-29 [SC]
      Key fingerprint = 8B3A 7489 0536 BAD5 0D93  76EB F1CB 32F6 7E33 02A1
uid                   [ultimate] nopenothinghere@proton.me <nopenothinghere@proton.me>

To fetch the full key, you can simply do:

  gpg --keyserver keys.openpgp.org --recv-key 0xF1CB32F67E3302A1

**
  Note: this keyserver is experimental.[0] I still have yet to add these keys
  to the I2P keyserver pool, and I don't know if I will. If you have previously
  signed my key but did a local-only signature (lsign), you will not want to
  issue the following, instead you will want to use --lsign-key, and not send
  the signatures to the keyserver.
**

  gpg --sign-key 0xF1CB32F67E3302A1

I'd like to receive your signatures on my key. You can either send me an e-mail
with the new signatures (if you have a functional MTA on your system):

  gpg --export 0xF1CB32F67E3302A1 | gpg --encrypt -r 0xF1CB32F67E3302A1 --armor \
      | mail -s 'OpenPGP Signatures' <nopenothinghere@proton.me>

Additionally, I highly recommend that you implement a mechanism to keep your key
material up-to-date so that you obtain the latest revocations, and other updates
in a timely manner. You can do regular key updates by using parcimonie[1] to
refresh your keyring. Parcimonie is a daemon that slowly refreshes your keyring
from a keyserver over Tor. It uses a randomized sleep, and fresh tor circuits
for each key. The purpose is to make it hard for an attacker to correlate the
key updates with your keyring.

I also highly recommend checking out the excellent Riseup GPG best practices
doc, from which I stole most of the text for this transition message ;-)

https://riseup.net/en/security/message-security/openpgp/gpg-keys

Please let me know if you have any questions on how to verify.

  Nope (Anonymous Planet) <no@anonymousplanet.org>

0. https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f
1. https://directory.fsf.org/wiki/Parcimonie
-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQSLOnSJBTa61Q2TduvxyzL2fjMCoQUCaHs1WgAKCRDxyzL2fjMC
odrwAPsFcupXWVRha5k2BOZUvjg+nY27IG+5XM8w+IupueHVcAD7BL7MFWuJ11lb
Bqk3pSyp6hTxlSJ1lnItXwQYnGBL6AE=
=NQBO
-----END PGP SIGNATURE-----