Cryptographic Keys
and Certification

Key Certification

To make it easier to verify all keys used in regard to PRESECURE services we provide our own certification authority. All authorized keys are signed by our certification authority. In order to verify the associated public keys, please download the public keys:

• DH/DSS (4093/1024 bits), KeyID: 0x886CD027
  Fingerprint (information only): BDCC 8297 A491 D619 7588 ADDA 4E2C A186 886C D027
• RSA (2048 bits), KeyID: 0x4EAC5E73
  Fingerprint (information only): 7F74 0DA2 3C35 D0D5 89AA 3AAB A62E A557

As next step, you will want to compare the PGP fingerprints for the public keys of the certification authorities with us. To do it right requires our active involvement:

1. You check the signatures of other PGP users on the keys and decide that you trust at least one of them to be convinced that these keys belong to us.
2. Call someone from our staff, whom you know, and ask him to provide you the PGP fingerprint information.
3. Send an email to ca@pre-secure.com and request for the PGP fingerprint information to be sent to you on official letterhead.
4. Meet us personally and get the PGP fingerprint information then.

Some remarks in regard to our certification policy

We will not use the PGP keys of our certification authority to encrypt anything.

We will not use the PGP keys of our certification authority to sign anything but keys used by PRESECURE staff or for PRESECURE services.

Protection of Email

To protect the confidentiality of any information send to our addresses please feel free to use the appropriate cryptographic key from the list below. You might also need these keys to verify the authenticity of any message received from use which is protected by a PGP signature.

Please note, that we do not list all personal email addresses or PGP keys here. This is due to organisational procedures - and to protect the interests of customers.

irt@pre-secure.com

• DH/DSS (4093/1024 bits), KeyID: 0xCB461D42
• RSA (2048 bits), KeyID: 0x041B6C6D

info@pre-secure.com

• DH/DSS (4093/1024 bits), KeyID: 0x889A2A74
• RSA (2048 bits), KeyID: 0xCD187FC9

jobs@pre-secure.com

• DH/DSS (4093/1024 bits), KeyID: 0x889A2A74
• RSA (2048 bits), KeyID: 0xCD187FC9

kpk@pre-secure.com

• DH/DSS (4093/1024 bits), KeyID: 0x6B1A12C0
• RSA (2048 bits), KeyID: 0x38B56E3D

PGP Signatures for all web pages

To protect email communication as well as files PGP is utilized. All PGP keys used within the context of our PRESECURE services - including the public keys of the certification authority - are available as a single PGP Key Block. You might also retrieve the PGP keys of the wellknown PGP Key Servers.

PRESECURE PGP Key Block

Protection of Web pages

Any of the keys listed above may be used to provide a detached PGP signature for any file available from this web site. By downloading such signature files a user might be able to verify the authenticity of any file retrieved previously.

SSL to ensure Authenticity

In order to verify, that you are connected to the "right" - our - web server please use SSL:

https://www.pre-secure.com

The SSL Server Certificates is signed by our ROOT certificate:

• X.509 Certificate, DER coded
• X.509 Certificate, PEM coded

The fingerprint information:

• SHA1:
  Fingerprint (information only): C8:8A:AC:DE:8A:E6:E8:6C:E8:34:CB:8A:A6:23:1C:CD:CC:B8:9F:D0
• MD5:
  Fingerprint (information only): 34:6C:6F:25:B4:12:35:F4:31:4E:2D:8D:34:1F:D2:DE

As always: "Vertrauen ist gut, ...". If you like to verify the certificate yourself, please follow the process outline above for verification of the PGP CA public key. You can find the associated Root Certificate of the DFN-PCA here.

Expired ROOT Certificates

To allow the verification of signatures made with older keys, we still offer these certificates as well:

ROOT certificate valid from September, 24th 2004 through September, 4th 2006:

• X.509 Certificate 2004 - 2006, DER coded
• X.509 Certificate 2004 - 2006, PEM coded

The fingerprint information:

• SHA1:
  Fingerprint (information only): BA5D 598F B8BC BA61 174E E68A 1B7E 064A 05A0 1FF7
• MD5:
  Fingerprint (information only): EA7B 0D06 CE4E 1C46 E588 ED6B DC24 942E

ROOT certificate valid from September, 24th 2001 through September, 24th 2004:

• X.509 Certificate 2001 - 2004, DER coded
• X.509 Certificate 2001 - 2004, PEM coded

The fingerprint information:

• SHA1:
  Fingerprint (information only): BAEF EA67 AE25 6DB4 E61D 99FE 9406 23F5 836C 7E78
• MD5:
  Fingerprint (information only): 2BEE 2D54 F8E9 E819 7CB5 4DD0 B8F2 91E1