Silk Road forums
Discussion => Silk Road discussion => Topic started by: Dread Pirate Roberts on July 27, 2012, 07:09 pm
-
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
If for some reason the official Silk Road onion URL were to be compromised and I was unable to communicate with you through the forum, one of the following 3 URLs will be used to relaunch the site and/or communicate through:
silkroadiplkjo7t.onion
bpbpoqbqdodbqbqb.onion
pddqoboqqqqqbqdq.onion
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQEcBAEBAgAGBQJQEwC+AAoJEAIiQjtnt/olmpYIAIAh9rDphz9MMHPR9Y+273yN
mRcBi5Smj4NMu6pU37jQlNZ/NEVlU41Qmmp80emGTSpVyLlljzTBg04d15NKQITw
ByidPFbh2Qqz63T+WyqDsEZAnmRQ7tZvXtpk4cKx3ttX384tP+jUlmHBC+83ERHm
fok32hPRPO309RZkZBEa9gwmeGCkU8sg3E8LT331Wtwd5Zo+LIGdR8Jd5HevarBF
LwYIw1suEN5+Gvu3/liTS0f0Ftqyqt2oLCrAYd821ybmxYZYnwpErx+pcsrE+0ic
j4MInxn65sSbcZKE5cmjMunVldmASoWxMmJjNq8yzMgxZzW8JIXmdvLixwlaWcY=
=rxxy
-----END PGP SIGNATURE-----
-
If for some reason the official Silk Road onion URL were to be compromised and I was unable to communicate with you through the forum, one of the following 3 URLs will be used to relaunch the site and/or communicate through:
silkroadiplkjo7t.onion
bpbpoqbqdodbqbqb.onion
pddqoboqqqqqbqdq.onion
Could we get a PGP Signature on this?
-
A lot of people are having trouble accessing the site right now, so this is a little concerning... :P
-
Lol.. that just doesn't seem legit.
-
If for some reason the official Silk Road onion URL were to be compromised and I was unable to communicate with you through the forum, one of the following 3 URLs will be used to relaunch the site and/or communicate through:
silkroadiplkjo7t.onion
bpbpoqbqdodbqbqb.onion
pddqoboqqqqqbqdq.onion
Could we get a PGP Signature on this?
Second this.
-
If for some reason the official Silk Road onion URL were to be compromised and I was unable to communicate with you through the forum, one of the following 3 URLs will be used to relaunch the site and/or communicate through:
silkroadiplkjo7t.onion
bpbpoqbqdodbqbqb.onion
pddqoboqqqqqbqdq.onion
Could we get a PGP Signature on this?
Second this.
Thirded.
DPR, if you are going to post stuff like this, PLEASE sign it!
Guru
If the bottom two links were not posted it would not have been so sketchy to me... but the bboopoppoopobobp.onion is weird.
-
Hey mister, which was DPR's password?
Thanks
-
O.O;;
-
Why is this not GPG signed?
If this doesn't get signed, I'm considering the possibility that the forums have been hacked.
-
If for some reason the official Silk Road onion URL were to be compromised and I was unable to communicate with you through the forum, one of the following 3 URLs will be used to relaunch the site and/or communicate through:
silkroadiplkjo7t.onion
bpbpoqbqdodbqbqb.onion
pddqoboqqqqqbqdq.onion
Could we get a PGP Signature on this?
Second this.
Thirded.
DPR, if you are going to post stuff like this, PLEASE sign it!
Agreed. This is precisely the type of communication which MUST be signed.
-
none of those "back up" urls acually work ::)
-
Even if this is legit (which I'm actually betting it is) - it's a really bad sign....
-
none of those "back up" urls acually work ::)
Which makes the authenticity of this announcement rather suspicious.
-
Well. This sucks.
-
time to sit tight, take a break, come back later and hope things have been sorted out
-
Just loaded for me, breathe everybody :)
-
slightly concerning, especially since I'm not able to load SR at present.
-
none of those "back up" urls acually work
Do you run your backup generator while the electricity is still on? Personally, I wait until the power goes out. :o
EDIT: SR has been up for me all day, fwiw.
-
none of those "back up" urls acually work
Do you run your backup generator while the electricity is still on? Personally, I wait until the power goes out. :o
EDIT: SR has been up for me all day, fwiw.
I don't have a backup generator. I have a hamster.
-
I haven't been able to connect all day, I see others are having this problem. Is there any way to fix it?
-
OP is signed now. Been meaning to do this for a while and didn't think to sign in my haste to shrink my todo list. All's well :)
Aren't those bottom two cool?! Took me forever to generate them.
-
OP is signed now. Been meaning to do this for a while and didn't think to sign in my haste to shrink my todo list. All's well :)
Aren't those bottom two cool?! Took me forever to generate them.
Lol.. we can tell.
SR is still down for me.
Unless you show up at my doorstep DPR.. I think you've been compromised!!!!!111111
-
I'm not sure what's going on here....
None of those backup URL's work at all, but the original SR link worked fine for me after a few identity switches just now...
-
Newbie PGP question...
How does one check a PGP signature if it is not encrypted with your PGP code?
I use Kleopatra but not sure how I would every verify that the signature confirms the post is from the real DPR.
Not that it matters really but the thread raised my curiosity.
Thanks,
Hawk
-
I'm not sure what's going on here....
None of those backup URL's work at all, but the original SR link worked fine for me after a few identity switches just now...
They are backups, so they aren't supposed to work right now. They are just there as a last resort, worst case scenario where Silk Road goes down and this forum goes down and no one knows where to go, we'll use one of those urls to either relaunch the site, or post a message, or whatever needs to be done at the time. Keep them in your back pocket. Will likely never need them, but, ya know, just in case.
-
Herp da derp.
SR finally worked for me. Q.Q
-
I'm not sure what's going on here....
None of those backup URL's work at all, but the original SR link worked fine for me after a few identity switches just now...
They are backups, so they aren't supposed to work right now. They are just there as a last resort, worst case scenario where Silk Road goes down and this forum goes down and no one knows where to go, we'll use one of those urls to either relaunch the site, or post a message, or whatever needs to be done at the time. Keep them in your back pocket. Will likely never need them, but, ya know, just in case.
Oh I see, good to know. Thanks
-
So where does one come by DPR's public key to verify btw?
-
good question, are the signed keys different each signed post?
-
[...]
gpg --verify sigtest
gpg: Signature made Fri 27 Jul 2012 04:57:34 PM EDT using RSA key ID 67B7FA25
gpg: Good signature from "Silk Road <staff@silkroadmarket.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 07E2 9C07 DC63 7C8D 1891 2CA7 0222 423B 67B7 FA25
[...]
Guru
Does that mean that it is not the correct key, or that you didn't sign the DPR's key when you imported it?
Also, I too would like to have DPR's public key.
-
I successfully verified the post with DPR's public key, as provided below by Guru.
I'm going to be really paranoid here, but Guru, could you make a clearsigned message that DPR's key really has the fingerprint: 07E2 9C07 DC63 7C8D 1891 2CA7 0222 423B 67B7 FA25
-
[...]
gpg --verify sigtest
gpg: Signature made Fri 27 Jul 2012 04:57:34 PM EDT using RSA key ID 67B7FA25
gpg: Good signature from "Silk Road <staff@silkroadmarket.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 07E2 9C07 DC63 7C8D 1891 2CA7 0222 423B 67B7 FA25
[...]
Guru
Does that mean that it is not the correct key, or that you didn't sign the DPR's key when you imported it?
What it means is that I didn't sign DPR's key when I imported it, and neither should you, unless you have to do so to stop GPA or Kleopatra from refusing to verify signed text blocks. If you do have to sign his key, ensure that the signature is local (i.e. non-exportable).
There are protocols in place for signing keys, and I'm not going to sign anyone's key unless I damn well know that it's theirs.
I believe that the key is his, as it has been used for some time, in signing multiple posts. I think I can be reasonably confident that this key actually belongs to him.
Also, I too would like to have DPR's public key.
Already posted, in this thread.
Guru
Thanks!
What happens when you sign a key (exportable, not locally). Does that mean your signature automatically gets added to the web of trust (through internet)?
-
Thank you! (The signature verified correctly, I encourage every user to check it too)
I had a little concern the forum was hacked (happened to other .onion forums before). There were two post from DPR recently. The first one had an incorrect sig, the other had none. Both things were fixed quickly afterwards.
If the forum really had been hacked, hackers could pretend to be anybody on the forum. So theoretically, a hacker could post from your (Guru's) forum account and give a fake pubkey for DPR. However now you signed the message, we can be very sure that the key you provided is indeed DPR's original pubkey, that was also used to signed the first post in this thread.
+1 karma to you
tl;dr: The first post (with the 3 .onion urls) are legit.
-
8) thanks so much man, i was wondering what to do if that happened, you alleviated all worry, as im starting to see you always quickly do... thanks again, for ALL that you have done and are doing for our wonderful culture. you btw, have built a beautiful sub(counter?)culture yourself right here, my friend. kudos, much love from wherever i am to wherever you are...
-
8) thanks so much man, i was wondering what to do if that happened, you alleviated all worry, as im starting to see you always quickly do... thanks again, for ALL that you have done and are doing for our wonderful culture. you btw, have built a beautiful sub(counter?)culture yourself right here, my friend. kudos, much love from wherever i am to wherever you are...
+1 that is a very good way of looking at it. DPR has built a very very beautiful sub culture. if i was your father DPR, i would be so so proud. :)
-
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
If for some reason the official Silk Road onion URL were to be compromised and I was unable to communicate with you through the forum, one of the following 3 URLs will be used to relaunch the site and/or communicate through:
silkroadiplkjo7t.onion
bpbpoqbqdodbqbqb.onion
pddqoboqqqqqbqdq.onion
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQEcBAEBAgAGBQJQEwC+AAoJEAIiQjtnt/olmpYIAIAh9rDphz9MMHPR9Y+273yN
mRcBi5Smj4NMu6pU37jQlNZ/NEVlU41Qmmp80emGTSpVyLlljzTBg04d15NKQITw
ByidPFbh2Qqz63T+WyqDsEZAnmRQ7tZvXtpk4cKx3ttX384tP+jUlmHBC+83ERHm
fok32hPRPO309RZkZBEa9gwmeGCkU8sg3E8LT331Wtwd5Zo+LIGdR8Jd5HevarBF
LwYIw1suEN5+Gvu3/liTS0f0Ftqyqt2oLCrAYd821ybmxYZYnwpErx+pcsrE+0ic
j4MInxn65sSbcZKE5cmjMunVldmASoWxMmJjNq8yzMgxZzW8JIXmdvLixwlaWcY=
=rxxy
-----END PGP SIGNATURE-----
All good here:
gpg: armor header: Hash: SHA1
gpg: armor header: Version: GnuPG v1.4.11 (GNU/Linux)
gpg: original file name=''
gpg: Signature made Fri Jul 27 20:57:34 2012 UTC using RSA key ID 67B7FA25
gpg: Good signature from "Silk Road <staff@silkroadmarket.org>"
gpg: WARNING: Using untrusted key!
gpg: textmode signature, digest algorithm SHA1
I still think you should update the UID to remove the silkroadmarket.org address and update the hash to use SHA256 or higher (I use SHA512).
-
I'm not sure what's going on here....
None of those backup URL's work at all, but the original SR link worked fine for me after a few identity switches just now...
They are backups, so they aren't supposed to work right now. They are just there as a last resort, worst case scenario where Silk Road goes down and this forum goes down and no one knows where to go, we'll use one of those urls to either relaunch the site, or post a message, or whatever needs to be done at the time. Keep them in your back pocket. Will likely never need them, but, ya know, just in case.
Excellent plan.
-
Well this gives me some piece of mind for sure. I'm keeping the URL's in files along with the IRC chat info in case D-Day ever arrives
-
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
If for some reason the official Silk Road onion URL were to be compromised and I was unable to communicate with you through the forum, one of the following 3 URLs will be used to relaunch the site and/or communicate through:
silkroadiplkjo7t.onion
bpbpoqbqdodbqbqb.onion
pddqoboqqqqqbqdq.onion
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQEcBAEBAgAGBQJQEwC+AAoJEAIiQjtnt/olmpYIAIAh9rDphz9MMHPR9Y+273yN
mRcBi5Smj4NMu6pU37jQlNZ/NEVlU41Qmmp80emGTSpVyLlljzTBg04d15NKQITw
ByidPFbh2Qqz63T+WyqDsEZAnmRQ7tZvXtpk4cKx3ttX384tP+jUlmHBC+83ERHm
fok32hPRPO309RZkZBEa9gwmeGCkU8sg3E8LT331Wtwd5Zo+LIGdR8Jd5HevarBF
LwYIw1suEN5+Gvu3/liTS0f0Ftqyqt2oLCrAYd821ybmxYZYnwpErx+pcsrE+0ic
j4MInxn65sSbcZKE5cmjMunVldmASoWxMmJjNq8yzMgxZzW8JIXmdvLixwlaWcY=
=rxxy
-----END PGP SIGNATURE-----
All good here:
gpg: armor header: Hash: SHA1
gpg: armor header: Version: GnuPG v1.4.11 (GNU/Linux)
gpg: original file name=''
gpg: Signature made Fri Jul 27 20:57:34 2012 UTC using RSA key ID 67B7FA25
gpg: Good signature from "Silk Road <staff@silkroadmarket.org>"
gpg: WARNING: Using untrusted key!
gpg: textmode signature, digest algorithm SHA1
I still think you should update the UID to remove the silkroadmarket.org address and update the hash to use SHA256 or higher (I use SHA512).
I think so too, and he should at the very least, add an encryption sub-key, preferably 4096-bit. Hell, if I were in his shoes, I'd be using a pair of 4096s.
(I do anyway.)
If I were running a site like SR I figure I'd be a big enough target to break with convention and make 8Kb or 16Kb keys!
I strongly suspect, though, that he merely regards us as just a bunch of geeky crypto-nerds, who are obsessed with crypto-trivia. As such, our advice, no matter how well founded, is likely to be ignored.
I think you're probably right there. A pity, but that's the way it is.
-
Great idea DPR, hopefully you'll never need them ;)
-
LouisCyphere and/or Guru, would you be kind enough to tell us how the SHA hash is used in a person's key?
also, how would one check the hash of their own key, and proceed to update it? would this require a new key, or is this something that can be changed?
Mr.DPR: sorry to get off topic, but i have a strong interest in staying safe. i'm sure you can understand.
-
LouisCyphere and/or Guru, would you be kind enough to tell us how the SHA hash is used in a person's key?
Nomodeset posted a good basic introduction to hashing and signatures in the PGP Club thread here:
http://dkn255hz262ypmii.onion/index.php?topic=30938.msg373481#msg373481
And here:
http://dkn255hz262ypmii.onion/index.php?topic=30938.msg374194#msg374194
also, how would one check the hash of their own key, and proceed to update it? would this require a new key, or is this something that can be changed?
gpg --edit-key 0xDEADBEEF
gpg> showpref
All the preferences can be changed with the setpref command when editing a key.
-
LouisCyphere and/or Guru, would you be kind enough to tell us how the SHA hash is used in a person's key?
also, how would one check the hash of their own key, and proceed to update it? would this require a new key, or is this something that can be changed?
Mr.DPR: sorry to get off topic, but i have a strong interest in staying safe. i'm sure you can understand.
yes we all do my dear, some grey areas need covered due to the paranoid state SR is
-
I double checked the PGP signature and it is valid, good thing I saw this thread after the message had been PGP signed or I'd have had a mini panic attack! +1 Kudos to DPR for setting up backup system. Definitely generating a variety of Plan Bs ought to be at the top of the todo list.
Looks like my PGP acolytes have slightly invaded the thread. Forward comrades! Into the breach! :D
I strongly suspect, though, that he merely regards us as just a bunch of geeky crypto-nerds, who are obsessed with crypto-trivia. As such, our advice, no matter how well founded, is likely to be ignored.
I think you're probably right there. A pity, but that's the way it is.
Such peer pressure! And I thought I was a bad person for attacking poor Ben! But seriously, let's not jump to conclusions. More importantly I would also be interested to see how digitbh's back-up system works. Does he have one badass hamster or teams of them harnessed like sledge dogs? I could obtain cheap packs of sawdust or whatever it is that hamsters eat and become a renewable energy magnate.
-
I wish hamsters ate saw dust... LOL.
-
wrote them down, but am hoping we will never need them! :) thanks DPR
-
http://silkroadvb5piz3r.onion/index.php/silkroad/user/923820dcc5
Here is the link to DPR's 'vendor' page, with his public PGP key as well...if you all ever doubt DPR's key on the forums, you can always check back here to verify it :)
PGP is so confusing, I'm still slowly trying to figure out how to use it.
-
didnt read the whole thing - but should we start useing the backups now SR?
EDIT: lol :P
-
didnt read the whole thing - but should we start useing the backups now SR?
EDIT: lol :P
Haha, no!
He said just keep them in your back pockets.. IF we ever need them. (Big IF.)
<3
-
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
If for some reason the official Silk Road onion URL were to be compromised and I was unable to communicate with you through the forum, one of the following 3 URLs will be used to relaunch the site and/or communicate through:
silkroadiplkjo7t.onion
bpbpoqbqdodbqbqb.onion
pddqoboqqqqqbqdq.onion
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQEcBAEBAgAGBQJQEwC+AAoJEAIiQjtnt/olmpYIAIAh9rDphz9MMHPR9Y+273yN
mRcBi5Smj4NMu6pU37jQlNZ/NEVlU41Qmmp80emGTSpVyLlljzTBg04d15NKQITw
ByidPFbh2Qqz63T+WyqDsEZAnmRQ7tZvXtpk4cKx3ttX384tP+jUlmHBC+83ERHm
fok32hPRPO309RZkZBEa9gwmeGCkU8sg3E8LT331Wtwd5Zo+LIGdR8Jd5HevarBF
LwYIw1suEN5+Gvu3/liTS0f0Ftqyqt2oLCrAYd821ybmxYZYnwpErx+pcsrE+0ic
j4MInxn65sSbcZKE5cmjMunVldmASoWxMmJjNq8yzMgxZzW8JIXmdvLixwlaWcY=
=rxxy
-----END PGP SIGNATURE-----
Thanks mate.
-
should one of these be used now?
i am getting a 404 Error page when going to the Road's url.
/thumbs
-
should one of these be used now?
i am getting a 404 Error page when going to the Road's url.
/thumbs
no, the site is still working. it was mentioned by dpr that if you add index.php to the end of the URL, it would most likely help you get to it: http://silkroadvb5piz3r.onion/index.php/silkroad . if you are still having issues connecting, try changing your identity and trying to connect again.
-
should one of these be used now?
i am getting a 404 Error page when going to the Road's url.
/thumbs
no, the site is still working. it was mentioned by dpr that if you add index.php to the end of the URL, it would most likely help you get to it: http://silkroadvb5piz3r.onion/index.php/silkroad . if you are still having issues connecting, try changing your identity and trying to connect again.
thanks for the help. i am in the process of trying to load them now...
and it works. :) thanks so much.
/thumbs
-
Hey DP, is this post still accurate?
(if not, bumped for the lulz ;D)
-
Why were gurus posts deleted?
-
If only it were that easy...
I imagine these are the kind of URL's DPR mentioned as a possible hmmm last resort...if they couldn't get ahead of these attacks...
The wording was different, several semi-private url's or some such, its in the OP here, http://dkn255hz262ypmii.onion/index.php?topic=153045.0
-
Just to add:
The URLs are valid because I've verified the signature, and everybody should make a copy of them somewhere.
However I don't think they are intended to be used in this sort of situation.
This DOS seems to be a flaw in how the Tor network implements hidden services using them may not help.
-
+1 Pine.
-
Good job, Pine. Saved.
-
so do i use one of these bacup url's to access the site or what? im confused :-\
-
how do i know this is not phishing?
-
how do i know this is not phishing?
by verifying his pgp signature.
-
how do i know this is not phishing?
by verifying his pgp signature.
anyway it doesn't work.
-
http://silkroadvb5piz3r.onion/index.php/silkroad/user/923820dcc5
Here is the link to DPR's 'vendor' page, with his public PGP key as well...if you all ever doubt DPR's key on the forums, you can always check back here to verify it :)
PGP is so confusing, I'm still slowly trying to figure out how to use it.
Wonder if someone could post a link to DPRs public key (that's not a link to the road atm!)? Can't seem to find it.
Angelina
-
how do i know this is not phishing?
by verifying his pgp signature.
how do i verify this?
thanks.
-
Msg verifies to key, have verified this before when it was posted. long way back.
these are for emergencies when forums down, SR domain stolen/major problems. NOT used now.
-
Msg verifies to key, have verified this before when it was posted. long way back.
these are for emergencies when forums down, SR domain stolen/major problems. NOT used now.
awesome thanks so much:)
-
As always, thanks a million.
-
how do i know this is not phishing?
by verifying his pgp signature.
how do i verify this?
thanks.
It's not going to help you in this situation right here (because you would have needed the public key *before* DPR used it to sign the message, otherwise you can't make a comparison to see if it's the same person), but here is the public key used for that signature:
DPR's public key
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQENBE2VWMwBCADcoI5qldde46EI80fHSTCS4CuJn1Py4AQjJvpAqFColeAm9xb1
/hb0ZUsG3vwod7uiPJdMlq3+1o3TSv9JlO3DPf7I50owQ9+S1ixXebouTvfpEKSb
dq1IWAu+O4PtlmFEb76MOmjOzoeV8We8kCRFq8ThoK979A1DR09KsaDfSjCITdsU
mQyVaRN0dCaj33V/QAPQybYAjNDEiNd0e1tV22n1dl6z2oVUgfJiuTVI5C0FhSKP
c3odexbKUSVk9tkUWcfnk8+9HF5jGNHnUSjWxMkG1uZUDdWKl4yJqQhBHdYqcz8A
hcJ6xADbFeoYEO6z5NEjXV0KmoDRCi4C7gdfABEBAAG0JFNpbGsgUm9hZCA8c3Rh
ZmZAc2lsa3JvYWRtYXJrZXQub3JnPokBOAQTAQIAIgUCTZVYzAIbDwYLCQgHAwIG
FQgCCQoLBBYCAwECHgECF4AACgkQAiJCO2e3+iVfzwf/dg6wj6an8xehD7tYOjMb
f9/RAKLCq+GMJlROQ7mPoOqUdnTrQ375Ld0MUJFEQUHsmijkDbl7rOLw0IuJHJsx
w9wy5nNANMEMxjspdGvi8HalDrXJC+EiD2xM0gz/XrDmTsHhpAZEgwddygZFuHxW
wxpBHGB2clLf4xYMX5TC7Z8QJLEdXx9DW5mZ1K9XuC+6fkMpUblzoRizmzk1NJ+y
g27mYo4KigysleshF3yyQ62as5apqIfgyYrJ/udwa4JQ8Le6dzB0d3o8mrrDXqHS
uxSdLGNLh1B7lDphdsQxrx1W/468EubG+5PEf2DLqqbUYLDCxS3m4DN46woO/INt
5A==
=kHyk
-----END PGP PUBLIC KEY BLOCK-----
Import the public key into your version of PGP and then copy paste the signed message that DPR made.
Then there should be a button somewhere called "verify". Click that and you should see the message is validated as belonging to the same person who initially gave you the public key. Like I said already, in this case you got it from me, so this isn't very useful to you right now. However in the future you might find this feature of PGP useful.
PGP is very useful for lots of things other than encryption, this is one of its uses. A similar use of PGP signing which is very important, is validating whether a Tor package download is legitimate/not fake. I strongly recommend everybody learn how to do this, because for all you know you're downloading the DEA's version of Tor unless you do this step. Seriously!
https://www.torproject.org/docs/verifying-signatures.html
Note 1: Separate issue that may seem esoteric, but for newbies do NOT sign anybody's public key from SR forums unless you know to do it locally. Doing that is not useful in our situation on SRF (signing a public key uploads your signature to the web, which may not be your intention!), and you don't need to do it in order to use signing and verification anyway.
Note 2: I think DPR uses a different public key for encryption, so PMing using this public key may not be appropriate.
-
thanks DPR :)