PGP Public Key, Security Information & Confidential Communication

Our PGP Public Key

Gehirn assigns PGP signatures to emails sent by its employees. We may also encrypt and sign customers who have exchanged their public keys with us. You may use this information to encrypt or verify your signature when sending data to us.

About the Root Key

  • Root keys are only used to sign annual keys and employee keys. They are valid for an indefinite period of time.
  • Annual keys that are renewed at each expiration date and keys used by employees are signed by the root key.
  • Once our root key is carefully checked and trusted, the PGP's web of trust mechanism automatically trusts the employee key and the annual key.

Root Key

Owner
Gehirn Inc.
Key ID
0xEAAC87C5
Fingerprint
D99D 42A3 43A0 CD74 0250 44BA 59D0 D6ED EAAC 87C5
Public Key
root.asc

Secure Communications

If you have information that cannot be sent via our Support Center regarding a Security Incident, Security Vulnerability or other text containing confidential information, you'll need to contact the Gehirn CSIRT (Computer Security Incident Response Team). Please encrypt the confidential information with the following PGP Key and attach your public key to be used for the reply, or send the Key ID and Fingerprint at the same time.

Gehirn CSIRT Key

Owner
Gehirn Computer Security Incident Response Team
Key ID
0xB0E4B1CB
Fingerprint
28FE 0882 6CB7 B800 2A4A 9D7C 6002 BFE1 B0E4 B1CB
Public Key
csirt.asc

Forwarding Address

Send your encrypted emails to csirt@gehirn.co.jp

Employee Keys

Our employee's public keys are signed by the root key. If you want to verify the signatures on our employee's emails, download the root key and set up the trust settings, then either download the key ID indicated on the signature from the keyserver or exchange the key with our employee in advance via a secure method. Verify that the key you have obtained is signed by the Gehirn root key. Once the root key has been carefully checked and trusted, the employee key is automatically trusted through the PGP's web of trust mechanism.