Protecting Security Information

Due to the sensitive nature of security information, Apple provides a method for you to:

• Verify the authenticity of security notifications
• Encrypt messages to send to Apple via product-security@apple.com

You can obtain a version of GPG Suite from GPGTools. Additionally, GnuPG is available as freeware.

This is our PGP key which is valid until August 13, 2025.
Key ID: 5FEE5DD535DA22FA
Key Type: RSA
Expires: 8/13/25
Key Size: 4096/4096
Fingerprint: B33F 5A96 D03B B932 3EAC  4FEA 5FEE 5DD5 35DA 22FA
UserID: Apple Product Security <product-security@apple.com>

-----BEGIN PGP PUBLIC KEY BLOCK-----
 
mQINBGTKwtoBEADcVttPfg5CNIGSn/9ezyIDjSm2oM4yQFqrAsVqsNG5Tf2rlNg5
nXvOL7eKzS+zsPxaiEXlEj3PYyo5AR/SbtWlN7X6ipnS+lal8E5B540Tb1k+CVyq
/1OqA6jX2H68stlozOrhJDZ8qjZRCt5cUrPsDhdAPJpR17q8UyZyApZc78IeCilg
FCHlstgNY2L4C8Q+yi4RSV9y3Yc2KWcRlgeBP9ZFSUUVq42jzGP/gvssO60knG8X
yhj+91sTh6UY7kOCTK5iQDctg5XN27njO1CBzkJpE9J7wgH/D/xX6aMHw/eaIDLo
qPkJMkgaH9yDUlVOERzBkuPNg42hYnyK1JZvD1ULs0bLg4RxiNMzItG7aXHu3aLF
ibmph4Aw/WjqVRJ/18weZ2dZUP6PmY6+CyBIaINbgP/+n7ZMH3ez8B5BAezr5km8
3NBkRlnUofTcOYC5fJG1uc5TRCphxn1XlZFglGFksvx+H6zJEj58ewituTixhWTc
2q4x7ryg5EWx5WiyGD8lApdMvqJiJVxdp8iKQTY+8qLLRs8jAq3Cdems01ZAFy06
r5noB70IhSVARJpw5DUVzAGldDEMPPRm+HZtY/ZbvA0Ps7A6E0BYMx/EomAZZMZO
rgXXACge76ZMaQlfj+KdOm16NTlJ9pcPURQODqbsmXjl2uP0IhMiy6z4WQARAQAB
tDNBcHBsZSBQcm9kdWN0IFNlY3VyaXR5IDxwcm9kdWN0LXNlY3VyaXR5QGFwcGxl
LmNvbT6JAlQEEwEIAD4WIQSzP1qW0Du5Mj6sT+pf7l3VNdoi+gUCZMrC2gIbAwUJ
A9I5AAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRBf7l3VNdoi+uOhD/9QnhWW
5Za2OhznA+gbDjxcC9BwNlwTNK2VR1eDpsoPVkp5YfVxo7O23xMQ5vmMUm0VcYVD
t9/gXd6q41sw3Qe+AlOGJitZQYxGRtOh2bOXRV8azLKsDNr7wSlolzQocsfEMdw6
64ee7wxV2he4r65ccUGlkwR5KLeYchwa60X26AzyZHZR3znLd0WfTCthEfNucAet
GuVJC0TzsdpKNigzRCrHinJTnfin68xeUJVcxUfk1bfmmwmX+RBLoQPioltzBnZN
g8a6frxP4d7qlp/+4NNOHDm8Cz2oI54UwMuEF3Ai/X+Z/MxrI3lhWVim0XKSK13D
2/v8rCKdBKrv9qB3oDZeHzfzgGrMVSHg5QFCsLpshCqhrzD6MxwhKlWa3oNmTpm2
ZHWyubP3WRPLiygI2Z80xphn7Ib7HWgq41vPwvudwWNN2fASrHoVzT8fOtjm0EsG
lMeN8HJ4ikTmg/hdWByidjZVaPyR9jQXpXmeaTBgxj8VFLL61KMfOtKf+Z7E5+be
xdscdM113F1sg3cCNP7WShuiojXcwfsAHEMN+AXLjxjRnsMGeeMMT9a3ORO1/okU
ek136VYHR2t0vHdXvOdNOww7Kk3IFAikPg5BglBUP1MHmsvMjF6GnXP+JgRRo78C
lCaDODj37/Gn/T+QF8cpps0b4UzZtAQz2muSJLkCDQRkysLaARAA2G1ybTW5/cdk
2Cy6HGJNU4v/KUGlqQ2AKsREGPS3z9SP/E81Oa4U7g9O542X3KryW0ugST9gYVxb
cNi+9h0Ox06vvnViUEd/O4h+UB7eOWIgUBhGme6zT+nqcaUuOeAzENmsdp/ptO+L
5L64vaHOr8u2d900Xic4l8SE/TQ37Cp3yhVehISPVXtnCKOjzHz24oV27USLCLYI
ih0YTqmdFJal4+L3mO+aKY8VNc5IXkmP8naLlcaVcBf2GJd18aJ9LRnblqE+V7ru
lAU3NGVQNi/1wJDItR4XuK8+cUKlNm5kf+8JDpc0yEW9xQt4n3KajIRtxyNTTf5W
D5hGIF727xuwtspJxcCB04ifJMMTBhwqu91dWy1M+648m/1ZUtd4cSf1g6ILkrbV
clwOVe0RVBxpw/p7mtn80lcxRWCBYFlJJoz6kIdBnSp4aYQmUPpyfoExB/BDKLJT
/JCopKWE8uhEUfQmKOD0j++pnFnuE4y1iQx0ODUz/uibgNl6FsAQl14jt30CHIgo
VYlpCNadGX4QGYvE/R4eOb8s4wtRKGJowCuE4GZN4ZAoTujBD74mfwLTYV3y+u2c
Cxaj1kMEEjlv+dQh71pfpGqyoh5USKNtEUBfJdmp9ttHu0ubbg3ZdkI5WqPxe5uH
NkJ+YCoqbCKPlG2xXqE7s1EJ8W8kn0sAEQEAAYkCPAQYAQgAJhYhBLM/WpbQO7ky
PqxP6l/uXdU12iL6BQJkysLaAhsMBQkD0jkAAAoJEF/uXdU12iL64uQP/0PhpkBW
/XQPukT1EJANC+E5y55GUjyR2cS4tPXpo5i58CsA+ILL6naSlsQ+tjAgNg1CIZu9
zQ0KA+a2qNfRVwU/xT5I2Qe/BF8jPqwhPnvJPgBhJ6mmFoFKKsnasUZ7CpHqcT/x
KCfPfhT35VK2UXMUU4sf6tloBGHFhn/nSYUGuOWqYIxBRAMDdE05bvGHi3AbpDao
Fs9DBHZ1fcrNkAqxsS1tYIEcZherBalFepw17VS4teMsGZUZT/9TQiL4TlZ8iIfs
OAFzyqQyXBf+AHnZt4e2IuunJ7AD4FXISra7RZToq68K0d7IAl9EoE1+68j+vcFC
2950gb6zVttXohG2T1Nr+vvejLMw6gtz6m450/KBKaAfeZVCLXB67+rQfZokjvyL
GkI0RNWBr0SvpevuxcmbjOa1ymcXuPkh0OaaDVcZ3bICa8YB9RBVtEln0H2dEjOH
awYYXyKXDiPuJPQycnJTsKzLiRWp3sP+Tcyjp22jpx/S3o9hhac+U5URguQ4ngtV
zmJQctr8crXsWbZXGS/98vPK9zDVHz7kysyN4rhbiSlt/E8bt2ogZYxIHrK85Uab
u1/sTGMgzoBykPylgvqeyZEUubv0wOmB6GCMHhzCv7krYkha6R6SEvu6TDG2DIJ8
310BnIyj6e/eKHWUi+eSVHTeKvMhIbyVqm0q
=ZF7h
 
-----END PGP PUBLIC KEY BLOCK-----

When we generate a new key, it will be available from this web page. Our previous PGP keys are archived to facilitate the validation of previously-signed messages.

Documents developed by the Apple Product Security team are signed with the Apple PGP key. We encourage you to check the signature to ensure that the document was indeed written by our staff and has not been changed.

Note for users of the security-announce mailing list:
Some mail programs cause changes to messages, resulting in an indication that the PGP signature is not good. Critical information will also be posted to our web site along with a PGP signature, providing you with a confirmation of authenticity.

When sending sensitive security information by email, please encrypt it.