Contact Me๐Ÿ”—

Please feel free to reach out to me! The easiest way to do that is online.

I'm am physically based out of San Francisco, CA, but am also frequently in Oaxaca, MX. I'm always happy to meet up for coffee or go for a hike, so drop me a line if you know any good spots. โ˜•โ›ฐ๏ธ

๐Ÿ‘‹๐Ÿผ Recruiters ๐Ÿ’โ€ (please read) ๐Ÿ‘€๐Ÿ”—

If you're looking to contact me about a job opportunity, thank you!!! I just kindly request that you don't use my personal email address directly, but rather start by contacting me through this recruiting form I have set up. I promise that I will get back to you within a day or two.

Personal Contact๐Ÿ”—

keybase logoย  Keybase-@asimpletune
keybase logoย  Twitter-@asimpletune
keybase logoย  GitHub-@asimpletune
keybase logoย  Hacker News-@asimpletune
keybase logoย  LinkedIn

Professional Contact๐Ÿ”—

For professional opportunities, please use my dedicated form. This helps greatly in making sure I can respond quickly, and it helps me organize the information you have by storing it a uniform format. It takes about 30 seconds to fill out, and you will receive a confirmation message that it worked.

PGP Key๐Ÿ”—

If you need to send me something securely and don't have keybase (or you don't want to use it), you can send me encrypted content, or verify content signed with my signature, directly, using my public pgp key.

-----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEYT1qJhYJKwYBBAHaRw8BAQdAy423mAYGV+aQIosugNJmwfvNyKZZaAJqZjSm
ffw9h++0J1NwZW5jZXIgU2NvcmNlbGxldHRpIDxjb250YWN0QHNwZW5jLmVzPoia
BBMWCgBCFiEExmYFdr88UR/CjLt6kTZWCuDopiUFAmE9aiYCGwMFCQPCZwAFCwkI
BwIDIgIBBhUKCQgLAgQWAgMBAh4HAheAAAoJEJE2Vgrg6KYlylUA/RzMrPWIDhWP
TSNIpqlWo3XyK3jvJYUwTU8kM6G6lBuLAQDQIQy4l3X/fDtw3BEXlTYLSojdvCvH
l/4HijdtjYujALg4BGE9aiYSCisGAQQBl1UBBQEBB0A2lv+bugxlSxfySxB63m0q
lfUj6py8vpJmv2mbiWG6YgMBCAeIfgQYFgoAJhYhBMZmBXa/PFEfwoy7epE2Vgrg
6KYlBQJhPWomAhsMBQkDwmcAAAoJEJE2Vgrg6KYlYm8BANj0uu3hCNX4G0AEAuEc
Y2s0CmHoINZJRlFijWbDXGB6AQCY5opUvoQpmR1R9KjJLPpw45/tOJYc+Me4halE
R9/bAw==
=8bGo
-----END PGP PUBLIC KEY BLOCK-----

(Note: you can verify my public key by checking the DNS record I have associated with it)

dig +short contact._pka.spenc.es. TXT

You should see the same fingerprint as above, along with a link to my ascii public key, encoded in the response.

"v=pka1;fpr=C6660576BF3C511FC28CBB7A9136560AE0E8A625;uri=https://spenc.es/pgp/pubkey.asc.txt"

How To Send Me an Encrypted Message๐Ÿ”—

If you want to send me a message, e.g. hello.txt, that only I can read, take the following steps:

  1. Import my public key, using its key ID (The shorter, 64 bit version is ok)
gpg --keyserver pgp.mit.edu --recv 9136560AE0E8A625
  1. Encrypt your message with me as a recipient
gpg --encrypt --armor --recipient 9136560AE0E8A625 hello.txt

A new, encrypted file will be created, ending in .asc. For example, hello.txt.asc would look like this:

-----BEGIN PGP MESSAGE-----

hF4DX2iXAh60pdYSAQdAO6YYKaSF5vyYMBJGobbeD60Wx3BAUOE0iztaR72ATBow
AvvmzBWX9AvHnVF5B4dw2MvOpYiWHzjfgDZfcA4jNd8xUse/c17enVkNWq6tFueg
1FIBCQIV89CmHQRigOlFLJl7kzG23OWll/6oGjaneGYZhsVUkjsizdkwcMGFrXZy
lSJWtTTrFCSL+X36jux74dzOUlXQ6Y61udWVYF1Xs8H3QPP1
=Dhzz
-----END PGP MESSAGE-----
  1. Send me the message

You can attach it in an email or just copy and paste the file created from step #2 directly in the email body.

How To Verify Content Signed with My Signature๐Ÿ”—

If someone sends you something claiming it's from me, you can verify that I really sent it using the command line tool gpg to check the message with my digital signature. For example, if you receive a signed message named hello.txt.asc, claiming to be from me, you can verify the signature used to make the message and compare it my own.

Here's an example signed message, e.g. hello.txt.asc:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

hello
-----BEGIN PGP SIGNATURE-----

iIcEARYKAC8WIQTGZgV2vzxRH8KMu3qRNlYK4OimJQUCYWm0cBEcY29udGFjdEBz
cGVuYy5lcwAKCRCRNlYK4OimJbJeAPwLLngEw0sKkOVFpeQGWCpzzmTyMAo8MUc7
xajgsEKxFAEA8W4eTbYmul7lJevPcaFrimZ97ZMrnduWhwI6wQtLHgA=
=ztDW
-----END PGP SIGNATURE-----

You can verify that I indeed really did send it by following the following steps:

  1. Import my public key, using its key ID (shorter, 64 bit version is ok)
gpg --keyserver pgp.mit.edu --recv 9136560AE0E8A625
  1. Verify the message
gpg --verify hello.txt.asc

You will then see a message that looks somewhat like this:

gpg: Signature made Fri Oct 15 12:03:44 2021 CDT
gpg:                using EDDSA key C6660576BF3C511FC28CBB7A9136560AE0E8A625
gpg:                issuer "[email protected]"
gpg: Good signature from "Spencer Scorcelletti [email protected]>" [ultimate]
gpg: WARNING: not a detached signature; file 'hello.txt' was NOT verified!

โ˜‘๏ธ Make sure that the key ID there ๐Ÿ‘† matches mine: C6660576BF3C511FC28CBB7A9136560AE0E8A625