Protecting Security Information

^_.

Due to the sensitive nature of security information, Apple provides a method for you to:

Verify the authenticity of security notifications
Encrypt messages to send to Apple via product-security@apple.com

1. Obtain PGP

You can obtain a commercial or free trial version of PGP Desktop from PGP Corporation. Additionally, GnuPG is available as freeware.

2. Apple Product Security key

This is our PGP key which is valid until August 20, 2019

Key ID: DED32B71

Key Type: RSA

Expires: 8/20/19

Key Size: 4096/4096

Fingerprint: 0CD5 C954 D089 2440 1598 9759 782F 6D86 DED3 2B71

UserID: Apple Product Security

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBFt7PakBEADNZVrXPrO2CMUfbydLxJi+QGe6znpDkSe0KCsYPvcY3dMb1Q9s
x8c3etgrIAEXREBOIQ036xUTmOC87wK6KHdi0yomGmEE2U3+C4Qx1JihcsP8w2GT
IPVJfmLicdVdQD/BJBSuQ+Fhs/4EIEaShqY8wUVN5am8+gzAfQw5aqWxbd2qycuw
XKIxKqLr2ose3kmHE4HxvoZpdjBckOrH4HWnmk5DpQ2rJw5wC79bUkozvBb5O8Vo
GHb21qfIOfqq60+L7FO7rSC7bhyeGJzEL5ws3qS3DuqYT7WhcnVpyGTGtHDfE6sj
cLL0p1EUAeB2FBLt/9VfF2FpVoFvbbwpJvZMikwoLv7VXKUX/YFXml2vjKBPf2tV
UoKgkGi4nBYEwuAiGppaavGsq02tB/b2nOp/vouoTqjfSYiHKyltEbULfzk1s6zP
HPqnLOj/rnmOsKAWy+DLHzVf8JTxzMkgLVStk1FbHPV0EYCs2NGkLWaXcT1SebmK
eYx1AoIKeGlVkl/ke7Cr5sxZEZnahAQy27wh/222NbbjHCk+XlfxbclESYd5xx1m
8oVHe+w/nxyMuMPT2pvyvLqqqQmhuaUuKA1lJaWGeZUKf2LW4UKsyCnLGWRsIrLa
kCrjbElMmf2HMT2PwX2plTfC5hp0uvE/Wxuh+RX282I7T4kUqAhChIkabwARAQAB
tE9BcHBsZSBQcm9kdWN0IFNlY3VyaXR5IE5vdGlmaWNhdGlvbnMgPHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20+iQJUBBMBCAA+FiEEDNXJ
VNCJJEAVmJdZeC9tht7TK3EFAlt7PcgCGwMFCQHhM4AFCwkIBwIGFQoJCAsCBBYC
AwECHgECF4AACgkQeC9tht7TK3FuGw//QVN0NVcNXSIp8k08XzshMEuQrt7jVkj6
YgwY5pG2SEjD5oahsn9lnGU8lspMl0sOAHZ2QqDXshq1l1IIJmWwv+g8+aptEVFg
Rc1u3BbUgNmE8OiUCdo0ZPtaBVjh+l4H+FBTxMpaE2/gHWnfqfj3ipsWs6o+3FbZ
ZacmsM/bMqGVFbZgT+FbenqBdLrv+GVfnqAl9TDphHLMcSiCyPH25lJyUky39Knn
e56USZI+f36KJJVZkZndOjM7LJLtymOxcCMbyedtsJU2KJwZF9J6MkA5OAaVE7yH
glkltS4w7Y9dbLSjms5CNp8cTFiKFTMdX46xwT2B3Jz2VpA/ZlsACf4EFWfy/e90
lC/TibB7PlJoxtFYVKoPvFmNl5i9y39VIZvcq66pSkf9auKaV3xvwQtSZXZcKkU3
7oW9Ff0wi3YGt4kcnkyyjZIxV8Ps+wX2Fh2sT6LSWXEkE5l8/C/nbqeHMoRhaZiR
C4iGudWHoyxVfZ2q7FpY2nuJhey+nisfX+trB93cNv6Vnj7QoSgrEvexkwH1yRjp
IIKuKTuiwcBRdRIC6sLnUrITZEjluXvmGNr8EufFKrQirjZ12pdYGcmZ1A5fCXcm
+YfjiicXE+bDSmEF6sEirCjg0T+hqF+uDe5zYYzQfOPNl+4MKDgNljpfhMzwuyWQ
z9/oDZtvI9e0M0FwcGxlIFByb2R1Y3QgU2VjdXJpdHkgPHByb2R1Y3Qtc2VjdXJp
dHlAYXBwbGUuY29tPokCVwQTAQgAQQIbAwUJAeEzgAULCQgHAgYVCgkICwIEFgID
AQIeAQIXgBYhBAzVyVTQiSRAFZiXWXgvbYbe0ytxBQJbez3SAhkBAAoJEHgvbYbe
0ytx9HAQAMDvO/xvb6WDFA+4MDMI9FSiNRcOzTy7TX6l8J9pkzPHzoZF1d8+/x1D
q8fhPLKzZqCS+1+JLG3P3gOKlRoZVwPGHOH7F38FDm/3GU/sZUoZWXWZ/skpX1B7
eywhrCeJaT9YA3Qnts4gAw3rJKDsMpgXraoDKqSKNfLYdn6p5A75HU4sWd9pSaad
uMvL2jBo7LvuraYm7DulprA3QCQbTXvf0UfD8Pn5k/d67UHyUHlOWcrtuujczkbw
QE6+jpO92hILf4uBfIsRd4WbcaiaEodQoKznC+V8NOQBZgrg3B1mXqsyD5KOPOTh
pC8/pjtmhSFk0cWGEulzL1BS4/dwV4vWn2fwzPe7mxePJ4um05A678/GnLu2opeY
QeRM4FbxQIGVDDyQFs7kxofZO9wwDYZtL9JRqD2Hsl0dSAcve+muiE2GwYyyZRi8
4m4bLXIxkSWy+/UVWoiWfRcjb7FwSp+s+WaUYi8ci4HqED7qsWhWAbqTkR+05ZDg
AdCtnhUZIpmy+Fh7Fx/Gv0x6dXBKPYqexdx840StmdV80h5+neYSEsFJrI+m7tlK
MT/FfG134/BZwaDrFIx5pLQJhIPCetgFafLzd0ekpQs/BO+a8Q0blBrPzvTxS5f0
Oiw9tQ0S/UC2ydhBHQUc481bXGmKSij+e2MJFdpANPcm1DPOYO4WuQINBFt7PakB
EAC0K0m94yZux3p5dGPJZpSHMIidYjsqr6hkTA8YlNMgpWQ71BfLbxQMmm+HwU2z
ef/IlHY80RpZSTLLT8LjvmoQnlIgerW7RLuKwAKc1PODqqb11DmzkzucnB4g2ecZ
JopodbL1g24FsUFtkrAKM+s5F2MmDr+/ZNDPnitTR+wmXQkChH/HTTjJQghddnqD
/e/4syu7XgZqL4yXEmDPJi/fvQr3aUoS45JlQx/UyK55h+u29nrDCfO8HYGvFl/+
RGhW2i/6OfAzYICxcpnilcECs4SaXH0BaUkfaL1ZyJdClWD+xu5+/c4JQM2N3oZ0
5cthQtYh7PyBiy9nuacAhbdEk7ItwXCjn6USaiK7mtoUgT+iUP39ApDy46AwXnJ6
LN83mopSuPM7mx49Nzo3jOF4eFnFMlps9+YXxf+zCHmWhc190qB+WXnpIlZ/ogvW
+ilsQ+m2w0CedjGOtBD2bBUwP8VqFKLoRRJfmEXChfhc1OqNn7YvYkmIHdGXkdth
SG4UHNbM6lQWbO/zDdgLOS3UpS94j0HO12YLQc3l7HtoNthiaBy+cmMJNfNsBlTp
vhyB+ME6B4LOXHZmsMVEJoKGssSJ+DDeBG1P6SAkDwQoGCkPw9NR8WyOI8Wjg5Ob
FfT8UmmA7OOerQ1GM3NYnHgp3+2Eo0kBu1l+0A2W9GtGZwARAQABiQI8BBgBCAAm
FiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlt7PakCGwwFCQHhM4AACgkQeC9tht7T
K3FcHw//YM2TXnvF6lkBjVvsyM5izXGiCY/h48PMi4EzEoXEqWA7ztVo6NvKvtHH
GmpEnO72hPeb7/pH6lXBPHF/Mfi9zZh5qp4w45Fg5IRMlR+q3dFmtwouF0Q98KP3
H3y0T8e1ImJmE4f/LhKS9KEfym7ZHkKBfgdzEHqVVqT0AJV/fTqE3qeMVSGnN/Ex
1nx4glVSLIUBgfNZFNfwoSvnmyofSAoB2DwAkBhTQEki6Njcmp7dAZvFuyx80/nf
rjeGxX4+Sy82WaoTVwnqSCA5Hs/NomdvfgtUOhF0QKV096tJV7NkzIXyaLJvzLA9
p0FztRlYc7rX5x+rDsXK5MhHt6NgtcPqzyShPk15zjBoxRQ0xgjQy6fxdD97ayoo
At3gipFBk8Nfh28czj1kn+XBnEhafFNMVvY9hbyGqXzg/uNSyXdJxSrPYyGMGKdm
G+qrFqlKQKsBwHM3tovNORqIpK6WW3Kxpn0ZxV0XaJsaA7M0xFKe8UlVWg90FRzb
s6v7n3AGdIympnmFPXB6JF+/ENOz20UoNExbeuroYQpE08DN47l7AJVxmgEbbtIq
DgmVx+5XZUv+H8iha+X7SxHV2KPf+5W59zMXyBmgn2OYCEG6tM/Zy7tBgLi8mhVD
2ORZgxgLNHc7K8oI8JQio+hI+4gEOu24j+DcYeg+w+4Wkf6u1zM=
=58Z8
-----END PGP PUBLIC KEY BLOCK-----

The Apple PGP key has an operational life span of one year. When we generate a new key, it will be available from this web page. Our previous PGP keys are archived to facilitate the validation of previously-signed messages.

3. Check our PGP signature on mail messages and documents

Documents developed by the Apple Product Security team are signed with the Apple PGP key. We encourage you to check the signature to ensure that the document was indeed written by our staff and has not been changed.

Note for users of the security-announce mailing list:
Some mail programs cause changes to messages, resulting in an indication that the PGP signature is not good. Critical information will also be posted to our web site along with a PGP signature, providing you with a confirmation of authenticity.

4. Encrypting sensitive information

When sending sensitive security information by email, please encrypt it.

Published Date: Wed Sep 12 21:09:52 GMT 2018

Helpful?

84% of people found this helpful.