Protecting Security Information
Due to the sensitive nature of security information, Apple provides a method for you to:
Verify the authenticity of security notifications
Encrypt messages to send to Apple via [email protected]
1. Obtain PGP software
You can obtain a version of GPG Suite from GPGTools. Additionally, GnuPG is available as freeware.
2. Apple Product Security key
This is our PGP key which is valid until August 13, 2027.
Key ID: 3D68E087E2ABC0C7ECF5
Key Type: RSA
Expires: 8/13/27
Key Size: 4096/4096
Fingerprint: 8639 25FB 330B 3701 6209 3D68 E087 E2AB C0C7 ECF5
UserID: Apple Product Security <[email protected]>
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGiaIk0BEAC/ljc/MuBm7Ek2+JiqPQdlgKge8RbnHQg6TKNQknGQIBtY+IMT
jykNPpHxG3ywIpKJT9HRvNkwmJMZ+Akmy0twJYY+Mevv4v1Lr4OgaI6Ypz1ySfN2
ACY4Sr6UUIMDmKVhG79zlrht/9vFNj1QC3KW0vTzurQOiB9sKPPNUTeE2nHaXGgb
uAdcg/onIfC2WybnS4UNKT0/Y/fHZWHYndEA6aYEZVSpA1Z6zZtsOttfxOSDWfEi
bxjRLnB/6h7/lGd7r34SYgWt233Z/XAfoWZdqoWKIX5sz1VACg4C9/fm7Npc3y4E
Rh1581DkswXxoPs2SnOwV8xMBX4PaihzW/Z6VhiJ9INd7iz5hGBVlUbeE4PblaGQ
sHhid9Zkvrwav6lri0FXmRncuoBoqsuTCyW5emFVNclB3KHXgmXvVZijTfLLSyfK
CaYwhD42OBl50BrpSwdyI1if6H56X9Fk6a32Rc0dpyxDaoUNBe2ye+S2oyq5kdZu
voMJm38eYfaln0u2bJry2Pup/CDMTN5VfPtAcm3clcq/5FTINSpLp8Ko+Dr/yM2i
piRHNz36GH5ngIJBugsmeIPNnPq+Ke+3DSYIbwyG7onAzKqe3q8T0XaKUBsSGByC
JIwZezdFPCkBTw8+hEnbf9HtbiesiCey4ftjH+DLH3lEqp9WdgRlsvJqUwARAQAB
tDNBcHBsZSBQcm9kdWN0IFNlY3VyaXR5IDxwcm9kdWN0LXNlY3VyaXR5QGFwcGxl
LmNvbT6JAlQEEwEIAD4WIQSGOSX7Mws3AWIJPWjgh+KrwMfs9QUCaJoiTQIbAwUJ
A8UKAAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRDgh+KrwMfs9eCYD/9IvQ+o
GGxrguSy/342pgzFbqyO7SpNiC1cD1qyRrVB78U5yauSlzjGlrypDmqmapNsX3nB
/4Qq5CK7vUvnS+V1SPN46GeePYwAiDFTVvYk8eu98QqCAUcn7W22neG57lGLjW40
yv2VvmeZViKkZis8EAgrIBtVLZTs08z3F0YKXE6HutUyQ6QkurmyuAGcs232GpmT
f3CE3S2R26K5bVC+Er4Rz2+1EZ79EuQO/GYH7Mc6sKjSWWCYysZLhgJi8unjOXD+
avDdC43YD3URz16+7cF1L/fjp1dYdso8oaoHIqqctXyJV+7BePgxJK4sd3EzOqUr
9w/s8AiVqFUa+GPW9y4AMsDucXnrfNBOiqGeWK3gm3lD6XK2PH0cdgtfnuhfPWAt
WokPrnTik+2aJtjX209KfjbqnENasqCuIDWQs01zJJn0GND0zSggPFj4G7GAI/fH
oKrbUxSuCZWYbwX8COM1OscdVPrx+rnBC8G7nRWVhYCBV0nZo3y9yBB2UN+5t28a
62vfHxxVM+Hg9ewxD8KKIEra11tOFXUE4uZhWIKohYiD4mPleGikqLtibu/wJrYo
2X3IpzV6tFXPkb6yfvueqLwDJHxV5JAyHAjHQeoDf3MSMojcERBMk48VZoCU3xcQ
nHLZr6K6tLj2gLlS56vB7DEr4M3BvVphOMZrbbkCDQRomiJNARAA2D8sxOmcbWUK
izDl0cY3m7vtL3XeH/eK9q5nKBxxE7l03ECrJHw4V+Zl82mWgaU/Lt1tXlGeLl6r
eKklLV1z326thhwk1ljn9P/Wgt6GxVoBU9+fuEwaeSK/BIPZJJHvaZUa1X7Mf1yd
cAkcnFcoEgYiVTMdy6SUyC0PiPRDNUqicHeixFi1kweyQeM/4GLSewhvy+L9YVJN
tGklvKQQflcAzJtHemQJ4VNkDXT5+Jm+AZkSNwwQKiGpJEqkVFDfnRovKILgMpcI
4hDBQ/yAW+zbXGrN95WlWbd9n2+pdyYJZwwgBY78oHwhLBd+PAi+EgRd0FVPa3G5
7BuE7hXrlzteXijyCAzz/uCfb+RIG80eVPkbVbYoUgcEi4GrHkGyTLVtYLy8y0zE
gGsIofXHNGqdqC6v7U9GlMqofmFhNXeheTm+sqsQUSHf5EPwoQdaWGpaLj+nDXpZ
b4R0cE2lrXbVVStZb9pyFOqTs4fYFLtWQKVCQUP4R1/N1vFOZA2KcgroIiyfQdfe
CMTM+3yjwbzb2UssSd2gyIK3EyQXd6UPZdvtNlwM3HOfNfwDsBd+eyFh52wJ2nIV
XIPv/yKhKOg4afTEva7x5EaeeSMhhGMWLLJkws/StbkSsy8khOdfckmF8eUXysQt
V/AmzJxXvEwZmgqG18ykvyxlbLHba9MAEQEAAYkCPAQYAQgAJhYhBIY5JfszCzcB
Ygk9aOCH4qvAx+z1BQJomiJNAhsMBQkDxQoAAAoJEOCH4qvAx+z1zOwP/A8IQb4X
OtDDxmyNe5p4R39fSLB/a9QaL+/4Q5xVHY43IBKRyyK/+j7zFu1hWD8gdr9OYsuT
bLi8+F6EdIQl8ZWiTAg1LMTWEyKeR6CexMR9UttIP+tuTw0rkYj5JhaafZC+VdFJ
scY/9T/hGsCdwVnlx20mcaKuWby5LzsF6n/OGwsWnuj+SkDFTu0PAye+JT4cQyOV
UCEqGNL9B0hDti3eFsK+1UPuNPU4Ox3CAvmu6iDmEI8MougAVZu0b3zqR4dp/Ecl
dAplDndTKKGiYauxbSTEOeKVyMz41SOVvzJoTehIVw8msMcCjH6CgaKzXJ7QQP+Q
xEor1lDywtWIrxoJmnauAClWcQdUgAK+/ua8kQ+z5laiCltl6XwSdKlaGqTRBXMK
b1pMvtC8kyj3GcRjIi7Www9v5K4Z067xqH3m05eJo+xgxS1kagdzjcIVQkUBlr1/
5odtXiWZLpS64GhC44CX3uBNikJARqLc44fxrq+2zHzj/qjP84tf7SFINmstu76o
PklZg9/ZcDpHRzG+toaqGLqwl2ijxFivB3V3121qnXZCzTLk2/F894pI6y2kYAsg
Es0IRtY279t6kFSXlRe4qvmLpAYB88FB6gcyii4bxW1ixG2flwn4aVZgrkeZVn+7
2gwi5K1ZOC6DcvnaSU2n4+OU0+m3yjYvyMnz
=cBea
-----END PGP PUBLIC KEY BLOCK-----
When we generate a new key, it will be available from this web page. Our previous PGP keys are archived to facilitate the validation of previously-signed messages.
3. Check our PGP signature on mail messages and documents
Documents developed by the Apple Product Security team are signed with the Apple PGP key. We encourage you to check the signature to ensure that the document was indeed written by our staff and has not been changed.
Note for users of the security-announce mailing list:
Some mail programs cause changes to messages, resulting in an indication that the PGP signature is not good. Critical information will also be posted to our web site along with a PGP signature, providing you with a confirmation of authenticity.
4. Encrypting sensitive information
When sending sensitive security information by email, please encrypt it.
Need more help?
Tell us more about what's happening, and we’ll suggest what you can do next.