[OPSEC/Computer]Do you include your PGP key with messages to vendors?

I encrypt pretty much every message on DNMs and I notice some vendors don't encrypt responses. I do not include my PGP key with the message but it is in my profile. I was wondering if people include their key with messages or would that be annoying?


Comments


[3 Points] Chroncentrates:

as a vendor, I'd say include it. With slow load times.. like BB for instance, getting to your profile to copy it is a real pain in the ass. I would take scrolling down over accessing your profile any day.-


[3 Points] gerundive:

I always add my public key after my encrypted message because if vendors need to reply using pgp it saves them having to search for it on my profile (which may not be up to date).


[2 Points] Jobless_Junkie:

If it's sensitive information, then yes. If it's just something like "hey can you make me a custom listing?" or "How long until your Girl Scout Cookies are back in stock?" then no.


[1 Points] Derrick4Real:

Negative, I roll like you too.

Use vendor's key and just keep mine in profile. Fortunately for me, most orders haven't involved more than the initial PGP message.


[1 Points] Canna-Juice:

Can tell from our own experiences.

Maybe a third of people do. Everybody encrypts but nobody wants to DEcrypt :/


[1 Points] None:

Some have different takes than others in the value of OPSEC in simple communications. For me, I encrypt almost all my communications, it's so second nature and takes me only literally, 30-45 extra seconds to accomplish. In my personal experience and opinion, all the top and most professional vendors will take the extra 1-5 minutes (in the event the site is running very slowly) to copy your public key from your profile page.

In fact, by using this method, as long as you conduct yourself responsibly and keep your information up to date, I believe this is a good way to evaluate the type of vendor you want to do business with.


[1 Points] _BorisGrishenko:

Not on a DNM where it's readily accessible in my profile; there's no need.


[1 Points] None:

[deleted]


[0 Points] Spoogly:

If the vendor is not using it, and you want them to, you should let them know that. Including your pgp key in your message to them is one way of doing that. I don't think anyone would really give a shit, as long as they could still get the message part without having to scroll past your key every time. Maybe just include a notice at the bottom that says "For both of our security, please use PGP in all communications. You can find my key on my profile."