For the protection of our users, Ribose utilizes cryptographic signatures to ensure that emails sent to you can be verified to be authentic.
Ribose utilizes a set of official OpenPGP keys to sign all outgoing emails, with their public keys posted here, to allow you to verify that an email indeed has been sent by the Ribose system and has not been tampered with. We strongly encourage you to utilize software that helps you do this.
Active Ribose PGP keys are used for signing all emails from the Ribose system to users. All such keys are in RSA with a life span limit. All current and previous public keys used are shown on this page.
More information on OpenPGP can be found on Wikipedia's PGP page and IETF's RFC4880 page.
We encourage you to use email clients that support PGP signatures to confirm the authenticity of email from Ribose. Certain email clients support PGP signatures natively (Enigmail) and some require installation of PGP plugins. While different clients represent verified signatures differently most display a 'check' or 'tick' icon once confirmed as authentic.
Here are some tools that can be used to verify authenticity of the Ribose PGP signature
Steps to validate email using PGP
These keys are used for signing all emails from the Ribose system to users. Users may note the expiry date.
These keys have been used by Ribose in the past and are shown here for validation of old messages and historic purposes.
Get Started Enter