GUIDE:How To Verifying My Certificate
Verifying Certificate
This guide explains how you can verify that you have reading the authentic mail or files which claimed sending by mikifuns(mikifuns@mikifuns.com) and it’s trusted. If needed, you can contact us with PGP signatured or encrypted.
Download and import the signing key
The fingerprint of our code signing key is F411FB52FCA3FB55D3248076A007992CF76B1F95 (with spaces: F411 FB52 FCA3 FB55 D324 8076 A007 992C F76B 1F95) and it can be downloaded from my website or following keyserver:
# RELEASED ON FOLLOWING KEYSERVER
hkps://keys.openpgp.org
hkps://keyserver.ubuntu.com
I verified my E-mail address on keys.openpgp.org so It’s trusted and been published for everyone.
When you try to verify content such as emails, you should see the following message:
gpg: Signature made 01/01/25 23:59:59 Text
gpg: using EDDSA key F411FB52FCA3FB55D3248076A007992CF76B1F95
gpg: Can't check signature: No public key
You should import the public key which provided on above solutions. Then when you tried verify content again, you should see the following message:
gpg: Signature made 01/01/25 23:59:59 Text
gpg: using EDDSA key F411FB52FCA3FB55D3248076A007992CF76B1F95
gpg: Good signature from "Mikifuns <mikifuns@mikifuns.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: F411 FB52 FCA3 FB55 D324 8076 A007 992C F76B 1F95
Next step, Certify mine Certificate (some application called “Sign the key”).
CHECK THE FINGERPRINT CAREFULLY! Then “Certify”.
Now when you tried verify content again, you should see the following message:
gpg: Signature made 01/01/25 23:59:59 Text
gpg: using EDDSA key F411FB52FCA3FB55D3248076A007992CF76B1F95
gpg: Good signature from "Mikifuns <mikifuns@mikifuns.com>" [full]
Now, everything is ready! From now on, until my certificate expires (2030/1/1) , you can use this certificate to communicate with me securely or verify the files I send.
About This Certificate:
Fingerprint: F411 FB52 FCA3 FB55 D324 8076 A007 992C F76B 1F95
Valid from: 2025/1/8
Valid until: 2030/1/1
Certificate key
Here is the Certificate key in plain text:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: User ID: Mikifuns <mikifuns@mikifuns.com>
Comment: Valid from: 2025/1/8 23:10
Comment: Valid until: 2030/1/1 12:00
Comment: Usage: Signing, Encryption, Certifying User IDs
Comment: Fingerprint: F411FB52FCA3FB55D3248076A007992CF76B1F95
mDMEZ36VdhYJKwYBBAHaRw8BAQdAU8+kUU5fIPL1qJLrfpZcxnJ06cpWU5HOYd1o
7b1c3O60IE1pa2lmdW5zIDxtaWtpZnVuc0BtaWtpZnVucy5jb20+iJgEExYKAEEW
IQT0EftS/KP7VdMkgHagB5ks92sflQUCZ36VdgIbAwUJCV17SgULCQgHAgIiAgYV
CgkICwIEFgIDAQIeBwIXgAAKCRCgB5ks92sflVdiAQCYwzBzaQvI8juCTr065VlN
P+2TB9v0LEvIXshqC45IDAD3QlbyEPq7jefpX85S40HLbqAPtsGb4Dh+bbLtOWZR
A7g4BGd+lXYSCisGAQQBl1UBBQEBB0DQNc5sSL6L6Vs9L+H9F7lMBHRb02CpkM/P
gwEDEUZKHAMBCAeIfgQYFgoAJhYhBPQR+1L8o/tV0ySAdqAHmSz3ax+VBQJnfpV2
AhsMBQkJXXtKAAoJEKAHmSz3ax+Vc3QBAKKIVwgC72qMEd23QnTBzNfUzHgN/dS2
VLBcQYd9UomeAQDbpd7XCUwIh6j9IBUaUoK7M1AYIPl4jjvjMVPyQLttBA==
=6J6Z
-----END PGP PUBLIC KEY BLOCK-----
<END>
验证签名
本指南解释了如何验证您所阅读的邮件或文件是否由 mikifuns(mikifuns@mikifuns.com)发送,并且是可信的。如有需要,您可以使用 PGP 签名或加密与我们联系。
下载并导入签名密钥
我们的代码签名密钥的指纹是 F411FB52FCA3FB55D3248076A007992CF76B1F95(带空格:F411 FB52 FCA3 FB55 D324 8076 A007 992C F76B 1F95),您可以从我的网站或以下密钥服务器下载:
# RELEASED ON FOLLOWING KEYSERVER
hkps://keys.openpgp.org
hkps://keyserver.ubuntu.com
我已在 keys.openpgp.org 上验证了我的电子邮件地址,因此它是可信的,并已公开发布。
当您尝试验证诸如电子邮件之类的内容时,您可能会看到以下消息:
gpg: Signature made 01/01/25 23:59:59 Text
gpg: using EDDSA key F411FB52FCA3FB55D3248076A007992CF76B1F95
gpg: Can't check signature: No public key
您应导入上述方法提供的公钥。然后,当您再次尝试验证内容时,您应看到以下消息:
gpg: Signature made 01/01/25 23:59:59 Text
gpg: using EDDSA key F411FB52FCA3FB55D3248076A007992CF76B1F95
gpg: Good signature from "Mikifuns <mikifuns@mikifuns.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: F411 FB52 FCA3 FB55 D324 8076 A007 992C F76B 1F95
下一步,认证我的证书(某些应用程序称为“签署密钥”)。
仔细检查指纹! 然后“认证”。
现在,当您再次尝试验证内容时,您应看到以下消息:
gpg: Signature made 01/01/25 23:59:59 Text
gpg: using EDDSA key F411FB52FCA3FB55D3248076A007992CF76B1F95
gpg: Good signature from "Mikifuns <mikifuns@mikifuns.com>" [full]
现在,一切准备就绪!从现在起,直到我的证书过期(2030/1/1)之前,您都可以使用此证书与我进行安全通信或验证我发送的文件。
关于此证书:
指纹:F411 FB52 FCA3 FB55 D324 8076 A007 992C F76B 1F95
有效期自:2025/1/8
有效期至:2030/1/1
证书密钥
以下是证书密钥的纯文本:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: User ID: Mikifuns <mikifuns@mikifuns.com>
Comment: Valid from: 2025/1/8 23:10
Comment: Valid until: 2030/1/1 12:00
Comment: Usage: Signing, Encryption, Certifying User IDs
Comment: Fingerprint: F411FB52FCA3FB55D3248076A007992CF76B1F95
mDMEZ36VdhYJKwYBBAHaRw8BAQdAU8+kUU5fIPL1qJLrfpZcxnJ06cpWU5HOYd1o
7b1c3O60IE1pa2lmdW5zIDxtaWtpZnVuc0BtaWtpZnVucy5jb20+iJgEExYKAEEW
IQT0EftS/KP7VdMkgHagB5ks92sflQUCZ36VdgIbAwUJCV17SgULCQgHAgIiAgYV
CgkICwIEFgIDAQIeBwIXgAAKCRCgB5ks92sflVdiAQCYwzBzaQvI8juCTr065VlN
P+2TB9v0LEvIXshqC45IDAD3QlbyEPq7jefpX85S40HLbqAPtsGb4Dh+bbLtOWZR
A7g4BGd+lXYSCisGAQQBl1UBBQEBB0DQNc5sSL6L6Vs9L+H9F7lMBHRb02CpkM/P
gwEDEUZKHAMBCAeIfgQYFgoAJhYhBPQR+1L8o/tV0ySAdqAHmSz3ax+VBQJnfpV2
AhsMBQkJXXtKAAoJEKAHmSz3ax+Vc3QBAKKIVwgC72qMEd23QnTBzNfUzHgN/dS2
VLBcQYd9UomeAQDbpd7XCUwIh6j9IBUaUoK7M1AYIPl4jjvjMVPyQLttBA==
=6J6Z
-----END PGP PUBLIC KEY BLOCK-----
<结束>
証明書の検証
このガイドでは、mikifuns(mikifuns@mikifuns.com)から送信されたと主張するメールやファイルが本物であり、信頼できることを確認する方法を説明します。必要に応じて、PGP署名付きまたは暗号化された方法でご連絡いただけます。
署名キーのダウンロードとインポート
当社のコード署名キーのフィンガープリントは F411FB52FCA3FB55D3248076A007992CF76B1F95
(スペース付き:F411 FB52 FCA3 FB55 D324 8076 A007 992C F76B 1F95
)です。このキーは当社のウェブサイトまたは以下のキーサーバーからダウンロードできます:
# RELEASED ON FOLLOWING KEYSERVER
hkps://keys.openpgp.org
hkps://keyserver.ubuntu.com
私は keys.openpgp.org で自分のメールアドレスを確認済みですので、信頼され、公開されています。
メールなどのコンテンツを検証しようとすると、次のメッセージが表示されるはずです:
gpg: Signature made 01/01/25 23:59:59 Text
gpg: using EDDSA key F411FB52FCA3FB55D3248076A007992CF76B1F95
gpg: Can't check signature: No public key
上記の方法で提供された公開鍵をインポートする必要があります。その後、再度コンテンツを検証すると、次のメッセージが表示されるはずです:
gpg: Signature made 01/01/25 23:59:59 Text
gpg: using EDDSA key F411FB52FCA3FB55D3248076A007992CF76B1F95
gpg: Good signature from "Mikifuns <mikifuns@mikifuns.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: F411 FB52 FCA3 FB55 D324 8076 A007 992C F76B 1F95
次のステップとして、私の証明書を保証してください(一部のアプリケーションでは「証明」と呼ばれます)。
フィンガープリントを注意深く確認し、 「保証」してください。
これで、再度コンテンツを検証すると、次のメッセージが表示されるはずです:
gpg: Signature made 01/01/25 23:59:59 Text
gpg: using EDDSA key F411FB52FCA3FB55D3248076A007992CF76B1F95
gpg: Good signature from "Mikifuns <mikifuns@mikifuns.com>" [full]
これで、すべての準備が整いました!これから、私の証明書が有効期限を迎えるまで(2030年1月1日まで)、この証明書を使用して私と安全に通信したり、私が送信するファイルを検証したりできます。
この証明書について:
フィンガープリント:F411 FB52 FCA3 FB55 D324 8076 A007 992C F76B 1F95
有効期間:2025年1月8日から2030年1月1日まで
証明書キー
以下はプレーンテキストの証明書キーです:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: User ID: Mikifuns <mikifuns@mikifuns.com>
Comment: Valid from: 2025/1/8 23:10
Comment: Valid until: 2030/1/1 12:00
Comment: Usage: Signing, Encryption, Certifying User IDs
Comment: Fingerprint: F411FB52FCA3FB55D3248076A007992CF76B1F95
mDMEZ36VdhYJKwYBBAHaRw8BAQdAU8+kUU5fIPL1qJLrfpZcxnJ06cpWU5HOYd1o
7b1c3O60IE1pa2lmdW5zIDxtaWtpZnVuc0BtaWtpZnVucy5jb20+iJgEExYKAEEW
IQT0EftS/KP7VdMkgHagB5ks92sflQUCZ36VdgIbAwUJCV17SgULCQgHAgIiAgYV
CgkICwIEFgIDAQIeBwIXgAAKCRCgB5ks92sflVdiAQCYwzBzaQvI8juCTr065VlN
P+2TB9v0LEvIXshqC45IDAD3QlbyEPq7jefpX85S40HLbqAPtsGb4Dh+bbLtOWZR
A7g4BGd+lXYSCisGAQQBl1UBBQEBB0DQNc5sSL6L6Vs9L+H9F7lMBHRb02CpkM/P
gwEDEUZKHAMBCAeIfgQYFgoAJhYhBPQR+1L8o/tV0ySAdqAHmSz3ax+VBQJnfpV2
AhsMBQkJXXtKAAoJEKAHmSz3ax+Vc3QBAKKIVwgC72qMEd23QnTBzNfUzHgN/dS2
VLBcQYd9UomeAQDbpd7XCUwIh6j9IBUaUoK7M1AYIPl4jjvjMVPyQLttBA==
=6J6Z
-----END PGP PUBLIC KEY BLOCK-----
<完>
Проверка сертификата
Это руководство объясняет, как вы можете убедиться в том, что вы действительно читаете письмо или файлы, отправленные mikifuns (mikifuns@mikifuns.com), и доверять им. При необходимости вы можете связаться с нами с помощью подписи PGP или шифрования.
Загрузка и импорт ключа подписи
Отпечаток нашего ключа подписи кода – F411FB52FCA3FB55D3248076A007992CF76B1F95 (с пробелами: F411 FB52 FCA3 FB55 D324 8076 A007 992C F76B 1F95), его можно скачать с моего веб-сайта или следующего сервера ключей:
# RELEASED ON FOLLOWING KEYSERVER
hkps://keys.openpgp.org
hkps://keyserver.ubuntu.com
Я подтвердил свой адрес электронной почты на keys.openpgp.org, поэтому он является доверенным и опубликован для всех.
При попытке проверить содержимое, такое как электронные письма, вы должны увидеть следующее сообщение:
gpg: Signature made 01/01/25 23:59:59 Text
gpg: using EDDSA key F411FB52FCA3FB55D3248076A007992CF76B1F95
gpg: Can't check signature: No public key
В этом случае вам следует импортировать открытый ключ, предоставленный в приведенных выше решениях. Затем, при повторной попытке проверки содержимого, вы должны увидеть следующее сообщение:
gpg: Signature made 01/01/25 23:59:59 Text
gpg: using EDDSA key F411FB52FCA3FB55D3248076A007992CF76B1F95
gpg: Good signature from "Mikifuns <mikifuns@mikifuns.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: F411 FB52 FCA3 FB55 D324 8076 A007 992C F76B 1F95
Следующий шаг – сертифицировать мой сертификат (некоторые приложения называют это «Подписать ключ»).
ВНИМАТЕЛЬНО ПРОВЕРЬТЕ ОТПЕЧАТОК! Затем нажмите «Сертифицировать».
Теперь, при повторной попытке проверки содержимого, вы должны увидеть следующее сообщение:
gpg: Signature made 01/01/25 23:59:59 Text
gpg: using EDDSA key F411FB52FCA3FB55D3248076A007992CF76B1F95
gpg: Good signature from "Mikifuns <mikifuns@mikifuns.com>" [full]
Теперь все готово! Отныне, до истечения срока действия моего сертификата (01.01.2030), вы можете использовать этот сертификат для безопасного общения со мной или проверки отправляемых мной файлов.
Об этом сертификате:
Отпечаток: F411 FB52 FCA3 FB55 D324 8076 A007 992C F76B 1F95
Действителен с: 08.01.2025
Действителен до: 01.01.2030
Ключ сертификата
Вот ключ сертификата в обычном тексте:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: User ID: Mikifuns <mikifuns@mikifuns.com>
Comment: Valid from: 2025/1/8 23:10
Comment: Valid until: 2030/1/1 12:00
Comment: Usage: Signing, Encryption, Certifying User IDs
Comment: Fingerprint: F411FB52FCA3FB55D3248076A007992CF76B1F95
mDMEZ36VdhYJKwYBBAHaRw8BAQdAU8+kUU5fIPL1qJLrfpZcxnJ06cpWU5HOYd1o
7b1c3O60IE1pa2lmdW5zIDxtaWtpZnVuc0BtaWtpZnVucy5jb20+iJgEExYKAEEW
IQT0EftS/KP7VdMkgHagB5ks92sflQUCZ36VdgIbAwUJCV17SgULCQgHAgIiAgYV
CgkICwIEFgIDAQIeBwIXgAAKCRCgB5ks92sflVdiAQCYwzBzaQvI8juCTr065VlN
P+2TB9v0LEvIXshqC45IDAD3QlbyEPq7jefpX85S40HLbqAPtsGb4Dh+bbLtOWZR
A7g4BGd+lXYSCisGAQQBl1UBBQEBB0DQNc5sSL6L6Vs9L+H9F7lMBHRb02CpkM/P
gwEDEUZKHAMBCAeIfgQYFgoAJhYhBPQR+1L8o/tV0ySAdqAHmSz3ax+VBQJnfpV2
AhsMBQkJXXtKAAoJEKAHmSz3ax+Vc3QBAKKIVwgC72qMEd23QnTBzNfUzHgN/dS2
VLBcQYd9UomeAQDbpd7XCUwIh6j9IBUaUoK7M1AYIPl4jjvjMVPyQLttBA==
=6J6Z
-----END PGP PUBLIC KEY BLOCK-----
<КОНЕЦ>
为什么使用PGP方式来加密签名文件/信息?
Why use PGP to encrypt and sign files/messages?
使用 PGP(Pretty Good Privacy)加密或签名文件至关重要,原因如下:
Using PGP (Pretty Good Privacy) to encrypt or sign files is crucial for the following reasons:
- 保护数据机密性: PGP 使用强大的加密算法,将您的文件转换成无法读取的乱码,只有拥有正确密钥的人才能解密。这可以有效防止未经授权的访问,例如数据泄露、黑客攻击或间谍活动。即使文件在传输过程中被截获,也无法被轻易读取。
- Protecting Data Confidentiality: PGP uses strong encryption algorithms to transform your files into unreadable gibberish, which can only be decrypted by someone with the correct key. This effectively prevents unauthorized access, such as data breaches, hacking attacks, or espionage. Even if the file is intercepted during transmission, it cannot be easily read.
- 验证数据完整性: PGP 签名使用数字签名技术,为文件添加一个独特的“指纹”。接收者可以使用这个指纹来验证文件在传输过程中是否被篡改。任何对文件的修改都会导致签名失效,从而让接收者立即知晓。
- Verifying Data Integrity: PGP signatures use digital signature technology to add a unique “fingerprint” to the file. The recipient can use this fingerprint to verify whether the file has been tampered with during transmission. Any modification to the file will cause the signature to become invalid, immediately alerting the recipient.
- 确认发送者身份: PGP 签名还可以证明文件的确是由特定的发送者发出的。由于数字签名与发送者的私钥相关联,因此只有拥有该私钥的人才能创建有效的签名。这可以有效防止身份伪造和欺诈行为。
- Confirming Sender Identity: PGP signatures can also prove that the file was indeed sent by a specific sender. Because a digital signature is associated with the sender’s private key, only someone with that private key can create a valid signature. This effectively prevents identity forgery and fraud.
总结来说,使用 PGP 加密可以保护您的文件内容不被泄露,而使用 PGP 签名则可以确保文件的完整性和来源可靠性。
In short, using PGP encryption can protect the content of your files from being leaked, while using PGP signatures ensures the integrity and reliable source of the files.