Putting my PGP ID/link on printed business cards

Considering that your public key is only usable by a computer[1], you can remove clutter from your business card by having all electronic data accessible online and referred to by a QR code.

The link could refer to a vCard file stored on, say, a public Dropbox, as the vCard format can store any business or contact information, including OpenPGP keys.

Alternately, a high-resolution QR code could store the entire public key on the back of your business card, which has certain security advantages.

[1] Hand ciphers notwithstanding.


I've put the whole fingerprint on my cards, but highlighted the short ID (being the last eight characters of the fingerprint). It's up to the other side to verify correctly.

Regarding putting a link on a business card: consider the possible use cases. The normal way of fetching a key is through the key server network, and for doing so no URL is needed: either people (mail clients) search for your mail address (UID), which will already be contained on your card anyway, or they fetch it by entering the fingerprint or ID, and hopefully verify against the whole fingerprint, or at least the long ID.

Sadly, there's nothing like a URI scheme for OpenPGP; something like hkp://[keyserver]/fingerprint would provide a way to have an actual link which can be designated to an OpenPGP client application, and at the same time point to an (optional) preferred key server.

Upcoming, but not yet widespread: put your OpenPGP key (possibly after stripping images and incoming certifications) on an NFC token. I know some applications exist to read them (e.g. OpenKeychain), though I don't know whether there's a (possibly informal) standard behind them.


I'd recommend putting your OpenPGP key's fingerprint in textual form and as QR code on your business card.

To do so, you would create a URI with OPENPGP4FPR as scheme and your OpenPGP fingerprint in all caps as data. Then use something like qrencode to create a QR code of the resulting string. Apps like OpenKeychain on Android will understand this.

You can show your fingerprint with:

gpg --fingerprint <email|keyid>

For example:

$ gpg --fingerprint [email protected]
pub   rsa2048/0x8CAC2A9678548E35 2010-07-13 [expires: 2016-06-06]
     Key fingerprint = 1357 B018 65B2 503C 1845  3D20 8CAC 2A96 7854 8E35
...
sub   rsa2048/0x933A3EA0850A0B28 2010-07-13

Look for the Key fingerprint value:

Key fingerprint = 1357 B018 65B2 503C 1845  3D20 8CAC 2A96 7854 8E35

This is the value you want to give to your peers. You could easily put it on your business card in text form. I would suggest prefixing it with 'OpenPGP' and keeping the spaces for easier readability:

John Doe
Senior Expert

[email protected]
OpenPGP: 1357 B018 65B2 503C 1845 3D20 8CAC 2A96 7854 8E35

But I also recommend additionally creating a QR code with your OpenPGP key's fingerprint. To do so, we first remove all the whitespace from your fingerprint's value, which yields:

1357B01865B2503C18453D208CAC2A9678548E35

Then create the URI by prefixing OPENPGP4FPR: (which stands for OpenPGP v4 Fingerprint).

OPENPGP4FPR:1357B01865B2503C18453D208CAC2A9678548E35

Finally use qrencode to create the QR code. Here we use PNG as output format but qrencode is also able to create SVG, ASCII or UTF8 output.

qrencode -t PNG 'OPENPGP4FPR:1357B01865B2503C18453D208CAC2A9678548E35' \
    > myopenpgpfpr.png

Which results in:

My OpenPGP fingerprint as QRcode
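
The steps in the answer above, combined with the receiving side's check against the full fingerprint, as an added example (not code from any of the answers). The function names are hypothetical and the colon listing is a constructed sample; only `gpg --with-colons --fingerprint` and `qrencode -t/-o` are real tool options.

```sh
#!/bin/sh
export LC_ALL=C   # fixed byte ranges for tr and case patterns

# Strip whitespace, uppercase, and require exactly 40 hex digits, so a short
# (8) or long (16) key ID is never encoded in place of the full fingerprint.
normalize_fpr() {
    fpr=$(printf '%s' "$1" | tr -d '[:space:]' | tr 'a-f' 'A-F')
    case "$fpr" in
        ''|*[!0-9A-F]*) return 1 ;;
    esac
    [ "${#fpr}" -eq 40 ] || return 1
    printf '%s\n' "$fpr"
}

# Build the URI that goes into the QR code.
fpr_to_uri() {
    f=$(normalize_fpr "$1") || return 1
    printf 'OPENPGP4FPR:%s\n' "$f"
}

# Read `gpg --with-colons --fingerprint` output on stdin and print the first
# fpr record, which belongs to the primary key (fingerprint is field 10).
primary_fpr_from_colons() {
    awk -F: '$1 == "fpr" { print $10; exit }'
}

# Receiver side: succeed only if the scanned URI carries the same full
# fingerprint as the key that was actually fetched. URI schemes are
# case-insensitive, so a lowercase scheme is accepted as well.
uri_matches_fpr() {
    case "$1" in
        OPENPGP4FPR:*|openpgp4fpr:*) scanned=${1#*:} ;;
        *) return 1 ;;
    esac
    a=$(normalize_fpr "$scanned") || return 1
    b=$(normalize_fpr "$2") || return 1
    [ "$a" = "$b" ]
}

# Constructed, abbreviated colon listing (the subkey fingerprint is made up).
SAMPLE_COLONS='pub:u:2048:1:8CAC2A9678548E35:::::::
fpr:::::::::1357B01865B2503C18453D208CAC2A9678548E35:
sub:u:2048:1:933A3EA0850A0B28:::::::
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF933A3EA0850A0B28:'

# With gpg and qrencode installed (KEYID is a placeholder):
#   fpr=$(gpg --with-colons --fingerprint KEYID | primary_fpr_from_colons)
#   qrencode -t PNG -o myopenpgpfpr.png "$(fpr_to_uri "$fpr")"
```

Rejecting anything shorter than 40 hex digits keeps a key ID from being printed where the fingerprint belongs, and `uri_matches_fpr` is the comparison a recipient makes after fetching the key from a key server.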
