-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The SSL certificate for Whisper Key was due to expire in a few days, so we have renewed it and changed provider from Gandi to StartSSL.

The SHA-256 fingerprint of the new certificate is 24:CC:A7:E6:3D:2D:53:2F:A7:56:7D:7C:7E:D7:65:EF:5D:D3:76:BA:F0:2C:5D:B8:96:27:9A:30:6A:32:29:CA.

Remember that, SSL or not, no plaintext messages are sent over the wire when using Whisper Key because they are encrypted and decrypted in your web browser. SSL helps to reassure you that your version of the Whisper Key software that runs in your browser has not been tampered with by a man-in-the-middle attack.

However Whisper Key makes no guarantee of security. Pixie Labs makes no guarantee that your copy of the Whisper Key software has not been tampered with. Always thoroughly evaluate any tool before trusting it with your sensitive information. Understand your threat model.

PGP signature of the plain-text of this blog post follows.

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJWE3xbAAoJEGJhg+S6e2BZRqAP/j7pYvx5mt5vb0O03Cc7nQF2  
owVAChYz0d3mjTICMrBY3QplfuIvwUaPe4ADiDDdFFZjGyUbDLLaW8Yt2uxSH01M  
IcPBp1YlfyNDqh8Re8uZDbQwYkxvP1pzQQjmzQyOnikQGi3AM01Jjl2f119VXfBU  
wDave0FPxje3xZWT2uA5FqGNI8WIu3kQInKhDKqOz2n76WIhPnCH5Xdzv6u+ECOd  
wA4vPkAIdziXbU3A7IF26RlnrZ607oi2c9oVK05N2BPAkVo5LiECKCvFYb4LRZ5p  
U5yb8hr2E0Tq3NOIqpl3h6axz6PVY03q3bkwgNCiJ2RPXn5oPs09mr5FOOevVxX9  
qNtwZAULRyZPDfDjtNTej+eGY+yt6fQ0Y8aZykXaW9pvlw2PgKEDyunH8g6Grzw9  
9iF3S6F5ExXVYhFnLtUeDBNHJMZ+zmAAcF8yOKS/pw4JvrQklzdXKXdJmg0KXgW5  
iiaplG1PHazSQepRc6Ku3V8ginsMRRfLaIMT5nGjt033D68sEUOYGLSrj8GUKzGb  
qcwmNZocLfhPnHWoLYdIdvAKXbuCwPbW2eVF0fN1BKAozKFBjWwXG04qXysIWSdp  
Mn4mhX2UqZGiJNcrqjnDsSTD7pmR3PJ4Efqx6fKwaaPEzv7RE0f6Ji0ni7XMyU7Y  
c/6Y4ZLvGc8Ml3jHRwnH  
=0vQf
-----END PGP SIGNATURE-----