[Arkanosis]

I'm trying to get my public key available to others by more reliable sources than the traditional PKS, mostly because I'm signing git commits and Linux packages. I've an encryption key as well that I use to encrypt server backups, but I'm not expecting it to be used much for emails (actually, every single email I've received with sensible information was /not/ encrypted — people just don't understand / care).

Not all my private keys are air-gapped, but the encryption key is, since I don't need to decrypt my backups, and don't expect to receive encrypted email very often, so why take the risk? I have an old laptop which is not connected to any network and that I only use for this now: I plug the USB key with the private key, decrypt / sign whatever I need to and that's all. It takes me a lot of time, but I don't do that more than a few times every year.