Thursday, June 11, 2009

GPG Key Transition

A signed version of the below message is available at

Thu Jun 11 11:43:50 EDT 2009

For a number of reasons, i've recently set up a new OpenPGP key, and
will be transitioning away from my old one.

The old key will continue to be valid for some time, but i prefer all
future correspondence to come to the new one. I would also like this
new key to be re-integrated into the web of trust. This message is
signed by both keys to certify the transition.

the old key was:

pub 1024D/7108E308 2002-01-14
Key fingerprint = D86C 9E6D AA49 FBD2 33C6 7EF9 8D4D 6868 7108 E308

And the new key is:

pub 2048R/18F94934 2009-06-11
Key fingerprint = F4AE 5B6B 29A4 355A 0EC1 0B4C AC5D 54B8 18F9 4934

To fetch my new key from a public key server, you can simply do:

gpg --keyserver --recv-key 18F94934

If you already know my old key, you can now verify that the new key is
signed by the old one:

gpg --check-sigs 18F94934

If you don't already know my old key, or you just want to be double
extra paranoid, you can check the fingerprint against the one above:

gpg --fingerprint 18F94934

If you are satisfied that you've got the right key, and the UIDs match
what you expect, I'd appreciate it if you would sign my key:

gpg --sign-key 18F94934

Lastly, if you could upload these signatures, i would appreciate it.
You can either send me an e-mail with the new signatures (if you have
a functional MTA on your system):

gpg --armor --export 18F94934 | mail -s 'OpenPGP Signatures'

Or you can just upload the signatures to a public keyserver directly:

gpg --keyserver --send-key 18F94934

Please let me know if there is any trouble, and sorry for the



No comments: