C0E1 0545 0570 4F75 7D92 5AB2 6A64 E8AA 2EFB CF5DAlways verify this fingerprint before sending sensitive material.
Contact and Key Verification
Email is the best way to reach me at mail@steadytao.com. If the message is sensitive, please use encrypted email. Signal is available as a secondary encrypted channel. This page covers how I prefer to be contacted, how to verify my key and what helps me reply efficiently.
Email - Preferred Contact
Use this for general contact, technical discussion and anything that benefits from a durable written record. If the message is sensitive, encrypted email is highly preferred.
Secondary
Use Signal if the conversation is more conversational. Please note it is a secondary channel I do not check as regularly.
OpenPGP
Verify first, then encrypt.
Fetch the key from this site or keys.openpgp.org, then verify the fingerprint before encrypting.
In GnuPG, this command locates the key through WKD and other clear sources, as described in OpenPGP Web Key Directory:
gpg --auto-key-locate clear,wkd --locate-keys mail@steadytao.comIf you want an encrypted reply, include your public key with the message or make sure it is directly discoverable from your address.
Which channel to use
Match the channel to the message.
Use email for most contact, technical discussion, longer messages, attachments and anything that benefits from a durable record.
Encrypted email
Use OpenPGP when the message is private, sensitive or disclosure-related.
Signal
Use Signal when the exchange is more immediate or conversational and email would be unnecessarily heavy.
Notes
A little context helps.
Clear subject lines and concise context help.
Encrypted email is welcome when appropriate.
I may not reply immediately, especially to vague outreach.
For project-specific matters, include the relevant links or context up front.
Security disclosures
If you are reporting a security issue in something I maintain, use encrypted email where possible and include enough detail for me to reproduce or understand it.